Closed mxbchr closed 8 months ago
Was this tested for existing installs? as it appears it would only apply on a fresh install (as that is when the template yaml is copied).
@sinclairpaul Fair Point. You're right. It doesn't affect existing installs. I didn't think this through. I have no clue how it could be updated on existing installs though.
Proposed Changes
Add the 172.30.33.0/24 network to cover requests coming from official NPM/Nginx Addon as Trusted Proxies by default. This is necessary for client identification based on IP.
As specified in: https://github.com/AdguardTeam/AdGuardHome/wiki/Configuration trusted_proxies (since v0.107.0) – The list of IP addresses and CIDR prefixes of trusted HTTP proxy servers. If a DNS-over-HTTPS request comes from one of these addresses or networks, AdGuard Home uses the provided proxy headers, such as X-Real-IP, to get the real IP address of the client. Requests from HTTP proxies outside of these networks are considered to be requests from the proxy itself. That is, the proxy headers are ignored.
Prior to this
Tested. Prior to this the trusted_proxies section in AdGuardHome.yaml looked like this:
Now it looks like this:
Related Issues
Fixes https://github.com/hassio-addons/addon-adguard-home/issues/467 Partially related to https://github.com/hassio-addons/addon-adguard-home/issues/354