Specifying a hostname (not IP) for trusted_proxies

help

#1

Hi, I have OC running inside a Docker container alongside a separate container hosting an nginx-based SSL reverse proxy. I want to be able to see the real IP of requests in the OC log file so I can feed it to Fail2Ban. If I specifiy the IP of the nginx container then this all works fine. The problem is that that this IP is transient; if I reboot then this container could get a different IP assigned. If I use the container's hostname in trusted_proxies instead of it's IP then the requester's real IP does not get represented in the logs - all requests appear to originate from the proxy.

Does anyone have any possible solutions for this scenario where the proxy's hostname is known but the IP is not?

Thanks,
Andy


#2

my transparent haproxy has an option "forward-for"... This feed the http variable "x-forwarded-for".
It would be nice if owncloud could be configured that it shows this variable instead of the "REMOTE_ADDR" or "HTTP_CLIENT_IP"...


#3

Hi,

it might worth to have a look in a documentation where various configuration options for a reverse proxy exists:

https://doc.owncloud.org/server/latest/admin_manual/configuration_server/reverse_proxy_configuration.html