[Feature Request] Support proxy protocol

go-gitea / gitea

Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD

https://gitea.com

MIT License

43.99k stars 5.4k forks source link

[Feature Request] Support proxy protocol #7508

Closed manuelluis closed 2 years ago

manuelluis commented 5 years ago

Support proxy protocol connections for HTTP/HTTPS and SSH, so we can have the originating ip in the gitea log if we are behind a proxy.

https://www.haproxy.com/blog/haproxy/proxy-protocol/

stale[bot] commented 4 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you for your contributions.

zeripath commented 3 years ago

OK @manuelluis I have put a PR up to support this - but I think we need to be clear why Gitea needs to be aware of the proxy itself.

manuelluis commented 3 years ago

If gitea is behind a proxy like haproxy or nginx and we like to have the original ip in the gitea logs, we can use also the X-Forwarded-For header if the connections are HTTP or the proxy handle the HTTPS connections. But in the case of SSH connections or if gitea handle the HTTPS and we don't break the SSL in the proxy, with the proxy protocol we can have the original ip.

zeripath commented 3 years ago

So I think my PR does do that IIRC