Mixed IP addresses in the log behind nginx-proxy #675
Comments
|
@rucksman My first intuition is your gotify trusted proxies settings are too strict or too lax. Are the private IP addresses you see within the range of your trusted proxy setting? Without looking at your actual setup I can't be sure what exactly is happening. If the above is not your case could you show:
|
|
I just discovered the (undocumented) setting trustedproxies in one of the commits. That seems to do the trick. Is there a variation of this setting as an environment variable in docker-compose.yml? I tried "GOTIFY_SERVER_TRUSTEDPROXIES", but that did not work. |
|
|
|
You need to put brackets around. GOTIFY_SERVER_TRUSTEDPROXIES=[172.24.0.1] |
|
Got it, somehow I overlooked that syntax and just blatantly assumed it would be just comma separated (like in other software, e.g. key cloak) |
I am running Gotify since quite a long time in a Docker container behind an nginx-proxy. Recently I often get banned from my fail2ban. This has never happend before, and I did not make any changes in both docker-compose files. I am on the most recent versions.
When I look into the gotify log (which is clearly the cause of the problem), I see mixed IP addresses, which confuses me. I see a lot of 172.xxx.xxx.xxx entries which originate from the nginx-proxy, but I also see normal IP addresses. I would expect to see only either the proxy address or the real addresses.
The problem is that the proxy address (172) is banned by fail2ban. and whitelisting the address is obviously not a good idea. So my goal would of course be to see only real addresses in the gotify log. Why is it that I see both proxy and real IP addresses in the log?
Honestly I am not sure if this is a gotify issue or a proxy issue, but I try my luck here first.
The text was updated successfully, but these errors were encountered: