Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add $NGINX_REAL_IP_RECURSIVE and $NGINX_REAL_IP_TRUSTED_ADDRESSES #1137

Merged
merged 1 commit into from
Jul 23, 2017

Conversation

3kami3
Copy link
Contributor

@3kami3 3kami3 commented Mar 20, 2017

Configuring GitLab trusted_proxies and the NGINX real_ip module.
If your docker container runs behind a reverse proxy, you may not want the IP address of the proxy to show up as the client address.
ref.
https://docs.gitlab.com/omnibus/settings/nginx.html#configuring-gitlab-trusted_proxies-and-the-nginx-real_ip-module
and
https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/9623

Configuring GitLab trusted_proxies and the NGINX real_ip module.
@xueshanf
Copy link
Contributor

I am confused. I have been using GITLAB_TRUSTED_PROXIES. Is it going away?

@3kami3
Copy link
Contributor Author

3kami3 commented Mar 24, 2017

I think that you can see in the description of the official GitLab document.

Using a LB and GitLab with bundled Nginx:
Set NGINX_REAL_IP_RECURSIVE and NGINX_REAL_IP_TRUSTED_ADDRESSES.
https://docs.gitlab.com/omnibus/settings/nginx.html#configuring-gitlab-trusted_proxies-and-the-nginx-real_ip-module

Using a non-bundled web-server:
Set GITLAB_TRUSTED_PROXIES.
https://docs.gitlab.com/omnibus/settings/nginx.html#using-a-non-bundled-web-server

@avluis
Copy link

avluis commented Apr 21, 2017

😻 I need this~
The issue is that when using a load balancer, there is still an internal IP that is logged:
LB -> GitLab NGINX -> GitLab

@reynold-lariza
Copy link
Contributor

reynold-lariza commented May 23, 2017

Ah, I did a similar thing with #1223, I had to make this work because of Rack Attack.

AWS ELB > nginx-proxy > docker-gitlab-with-nginx

However in my case I've had it set default to 0.0.0.0/0 since its just the nginx inside gitlab container.

@solidnerd
Copy link
Collaborator

@3kami3 I will add this for the next feature (9.4.0). Thanks for your work 👍 .

@solidnerd solidnerd merged commit f1c0cb3 into sameersbn:master Jul 23, 2017
@3kami3
Copy link
Contributor Author

3kami3 commented Jul 23, 2017

Thank you for the merge.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants