Open ekristen opened 6 years ago
oauth2_proxy
currently supports the X-Real-IP
header. X-Forwarded-For
is admittedly more conventional. But if you want support today, you can configure haproxy to set the X-Real-IP
header.
Thanks for the workaround!
@ekristen I run haproxy at the edge as well and re-implemented the nginx auth_request directive for haproxy in Lua to not pass all the traffic through oauth2_proxy. It might fit your needs as well:
Repository: https://github.com/TimWolla/haproxy-auth-request Hacker News: https://news.ycombinator.com/item?id=16188744
I run oauth2_proxy behind haproxy, as haproxy are my edge servers. Unfortunately this means that oauth2_proxy records the client IP as the haproxy IP instead of what's in the x-forwarded-for header.
I would ask that a flag be added to tells oauth2_proxy to trust x-forwarded-for header and record that value as the client ip.
Thank you.