finn/forgejo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add reverse proxy configuration support for remote IP address (#14959)

Browse source 
* Add reverse proxy configuration support for remote IP address validation

* Trust all IP addresses in containerized environments by default

* Use single option to specify networks and proxy IP addresses. By default trust all loopback IPs

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
This commit is contained in:
Lauris BH 2021-03-16 00:27:28 +02:00 committed by GitHub
parent 6e423d5573
commit 044cd4d016
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
20 changed files with 464 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
custom/conf/app.example.ini
View file

@ -549,6 +549,10 @@ COOKIE_REMEMBER_NAME = gitea_incredible
; Reverse proxy authentication header name of user name
REVERSE_PROXY_AUTHENTICATION_USER = X-WEBAUTH-USER
REVERSE_PROXY_AUTHENTICATION_EMAIL = X-WEBAUTH-EMAIL
; Interpret X-Forwarded-For header or the X-Real-IP header and set this as the remote IP for the request
REVERSE_PROXY_LIMIT = 1
; List of IP addresses and networks seperated by comma of trusted proxy servers. Use `*` to trust all.
REVERSE_PROXY_TRUSTED_PROXIES = 127.0.0.0/8,::1/128
; The minimum password length for new Users
MIN_PASSWORD_LENGTH = 6
; Set to true to allow users to import local server paths