btcpayserver / btcpayserver-docker

Docker resources for hosting BTCPayServer easily
MIT License
584 stars 358 forks

Feature Request: Add "Proxy Protocol" as docker environment variables for Nginx reverse proxy config settings. #651

Open bnkas opened 2 years ago

bnkas commented 2 years ago

Since BTCPay Docker already allows a user to easily enable the use of Nginx as a reverse proxy, it is fairly simple to allow Nginx to properly get the real client IP address when the user fronts BTCPay with a TCP (not HTTP) proxy such as HAProxy, Cloudflare Spectrum, etc.

To enable Proxy Protocol in Nginx, the following settings must be set in the docker Nginx default.conf file:

listen 443 ssl http2 proxy_protocol;
real_ip_header proxy_protocol;
set_real_ip_from 10.10.10.1/24;

Note: 10.10.10.1/24 is an input that would need to come from the user.

I suggest creating a new docker env variable (or two) to allow the user to enable Proxy Protocol in Nginx conf file and provide the "set_real_ip_from" value to be used.

I also understand that BTCPay Docker supports Traefik as reverse proxy, which supports proxy protocol as well. So this feature can apply there too.

Thanks.
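
Added example, not part of the original issue or of BTCPay Server's code: a small Python model of what `real_ip_header proxy_protocol` together with `set_real_ip_from` does with a PROXY protocol v1 header, showing that the header's source address is used only when the connecting peer falls inside the trusted range. The function names and the sample addresses are assumptions made for illustration.

```python
import ipaddress

def parse_proxy_v1(header: bytes):
    """Return the source address from a PROXY protocol v1 line, or None for UNKNOWN."""
    if len(header) > 107 or not header.endswith(b"\r\n"):
        raise ValueError("malformed PROXY v1 header")
    fields = header[:-2].decode("ascii").split(" ")
    if fields[0] != "PROXY" or len(fields) < 2:
        raise ValueError("missing PROXY signature")
    if fields[1] == "UNKNOWN":
        return None
    if fields[1] not in ("TCP4", "TCP6") or len(fields) != 6:
        raise ValueError("unsupported PROXY v1 header")
    src, dst = (ipaddress.ip_address(f) for f in fields[2:4])
    version = 4 if fields[1] == "TCP4" else 6
    if src.version != version or dst.version != version:
        raise ValueError("address family mismatch")
    if not all(f.isdigit() and int(f) <= 65535 for f in fields[4:6]):
        raise ValueError("bad port")
    return src

def effective_client_ip(peer_ip, header, trusted_cidrs):
    """Model real_ip_header proxy_protocol + set_real_ip_from: the header's
    source replaces the peer address only when the peer is a trusted proxy."""
    peer = ipaddress.ip_address(peer_ip)
    # strict=False: the issue's 10.10.10.1/24 has host bits set; it is
    # treated here as the network 10.10.10.0/24.
    nets = [ipaddress.ip_network(c, strict=False) for c in trusted_cidrs]
    src = parse_proxy_v1(header)
    if src is not None and any(peer in n for n in nets):
        return str(src)
    return str(peer)

# Constructed sample input (documentation address ranges), not captured traffic.
TRUSTED = ["10.10.10.1/24"]
HEADER = b"PROXY TCP4 203.0.113.7 10.10.10.5 51234 443\r\n"

if __name__ == "__main__":
    print(effective_client_ip("10.10.10.1", HEADER, TRUSTED))    # peer is the trusted proxy
    print(effective_client_ip("198.51.100.9", HEADER, TRUSTED))  # untrusted peer: header ignored
```

Keeping the `set_real_ip_from` value as narrow as the actual proxy addresses matters because anything inside that range can assert an arbitrary client address to logging and rate limiting.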

d2ro commented 4 days ago

For everyone who stumbles across this: You can also install another nginx on your system and let it handle the proxy protocol:

# /etc/nginx/nginx.conf

stream {
    upstream btcpayserver {
        server 127.0.0.1:443;
    }

    server {
        listen     1443      proxy_protocol;
        listen     [::]:1443 proxy_protocol;
        proxy_pass btcpayserver;
    }
}