search

LemmyNet / lemmy-ansible

A docker deploy for ansible
GNU Affero General Public License v3.0
248 stars 94 forks source link

Fix prefix in nginx set_real_ip_from to only use private address range #248

Closed Nothing4You closed 3 weeks ago

Nothing4You commented 3 weeks ago

If all private IPv4 RFC 1918 private IPs should be accepted then this could be extended to also take 10.0.0.0/8 and 192.168.0.0/16.

codyro commented 3 weeks ago

If all private IPv4 RFC 1918 private IPs should be accepted then this could be extended to also take 10.0.0.0/8 and 192.168.0.0/16.

I believe Docker uses the 172.17.0.0/16 by default, which might explain why this was configured this way.

Podman uses 10.88.0.0/16 by default, so we should at least add that range as well, although I can see the argument for doing the full /8.