Open rucksman opened 3 months ago
@rucksman My first intuition is your gotify trusted proxies settings are too strict or too lax. Are the private IP addresses you see within the range of your trusted proxy setting?
Without looking at your actual setup I can't be sure what exactly is happening. If the above is not your case, could you show the NetworkSettings section of your nginx and gotify containers with docker inspect?
I just discovered the (undocumented) setting trustedproxies in one of the commits. That seems to do the trick. Is there a variation of this setting as an environment variable in docker-compose.yml? I tried "GOTIFY_SERVER_TRUSTEDPROXIES", but that did not work.
GOTIFY_SERVER_TRUSTEDPROXIES should work fine. I've updated the docs. Your original issue mentions that you get 172.x.x.x IPs and normal IPs. This shouldn't happen; you should receive either one or the other if the users are all routed through the reverse proxy.
You need to put brackets around.
GOTIFY_SERVER_TRUSTEDPROXIES=[172.24.0.1]
Got it, somehow I overlooked that syntax and just blatantly assumed it would be just comma separated (like in other software, e.g. Keycloak).
I have been running Gotify for quite a long time in a Docker container behind an nginx-proxy. Recently I often get banned by my fail2ban. This has never happened before, and I did not make any changes to either docker-compose file. I am on the most recent versions.
When I look into the gotify log (which is clearly the cause of the problem), I see mixed IP addresses, which confuses me. I see a lot of 172.xxx.xxx.xxx entries which originate from the nginx-proxy, but I also see normal IP addresses. I would expect to see only either the proxy address or the real addresses.
The problem is that the proxy address (172) is banned by fail2ban, and whitelisting the address is obviously not a good idea. So my goal would of course be to see only real addresses in the gotify log. Why is it that I see both proxy and real IP addresses in the log?
Honestly I am not sure if this is a gotify issue or a proxy issue, but I try my luck here first.
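
The trusted-proxy behaviour discussed in this thread, as an added example that is not Gotify's own code and not part of any comment: a generic Go model of how a server picks the address it logs, assuming the common rule that X-Forwarded-For is honoured only when the connecting peer is in the trusted list. The function names and sample addresses are constructed for illustration.

```go
package main

import (
	"fmt"
	"net"
	"strings"
)

// trusted reports whether ip matches any entry (bare IP or CIDR range).
func trusted(ip net.IP, entries []string) bool {
	for _, e := range entries {
		if _, n, err := net.ParseCIDR(e); err == nil && n.Contains(ip) {
			return true
		}
		if p := net.ParseIP(e); p != nil && p.Equal(ip) {
			return true
		}
	}
	return false
}

// clientIP models a common trusted-proxy rule (an assumption, not Gotify's code).
// peer is the TCP peer address without port; xff is the X-Forwarded-For value.
// The header is used only if the peer is trusted; trusted hops are skipped.
func clientIP(peer, xff string, entries []string) string {
	if !trusted(net.ParseIP(peer), entries) {
		return peer // untrusted peer: header ignored, proxy/peer address is logged
	}
	hops := strings.Split(xff, ",")
	for i := len(hops) - 1; i >= 0; i-- { // rightmost hop was added last
		ip := net.ParseIP(strings.TrimSpace(hops[i]))
		if ip == nil {
			break // empty or malformed entry: fall back to the peer
		}
		if !trusted(ip, entries) {
			return ip.String()
		}
	}
	return peer
}

func main() {
	// Constructed sample requests: peer address, header value, trusted list.
	fmt.Println(clientIP("172.24.0.1", "203.0.113.7", []string{"172.24.0.1"}))    // proxy trusted
	fmt.Println(clientIP("172.24.0.1", "203.0.113.7", nil))                       // proxy not trusted
	fmt.Println(clientIP("172.24.0.9", "192.0.2.55", []string{"172.16.0.0/12"})) // range wider than the proxy
}
```

A trusted list that misses the proxy yields the proxy's 172.x address in the log, while a range wider than the proxy lets any peer inside that range choose the logged address, which matters when fail2ban acts on that log.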