
Activity log is recording internal Docker IPs #2329

Closed matiasgarciaisaia closed 4 months ago

matiasgarciaisaia commented 7 months ago

In the country instances we're using, Surveda's Activity Log is recording internal Docker IPs (10.42.133.167) instead of the user's actual public IP address.

matiasgarciaisaia commented 7 months ago

I've done some quick local tests, and here `conn.remote_ip` is the reverse proxy's address - but the `X-Forwarded-For` header is present in the conn, so we should use that instead. Since that header is supplied by whoever sends the request, we should only honour it when the request actually comes from our own reverse proxy, and take the address that proxy appended rather than the first value in the list:

Local request (using dockerdev)
app-1      | 2024-04-24T19:31:29.898Z request_id=F8lOLVYWVPy2524AAB_D [warn] Here's a conn we received:
app-1      | %Plug.Conn{
app-1      |   adapter: {Plug.Cowboy.Conn, :...},
app-1      |   assigns: %{
app-1      |     current_user: %Ask.User{
app-1      |       __meta__: #Ecto.Schema.Metadata<:loaded, "users">,
app-1      |       channels: #Ecto.Association.NotLoaded,
app-1      |       confirmation_sent_at: nil,
app-1      |       confirmation_token: nil,
app-1      |       confirmed_at: nil,
app-1      |       current_password: nil,
app-1      |       email: "mgarcia@manas.com.ar",
app-1      |       id: 1,
app-1      |       inserted_at: ~U[2024-04-24 19:31:15Z],
app-1      |       name: "",
app-1      |       oauth_tokens: #Ecto.Association.NotLoaded,
app-1      |       password: nil,
app-1      |       password_confirmation: nil,
app-1      |       password_hash: "$2b$12$F/aI3s4KuhUg.IVHZ5WR1ehUK.mAzO85dFEwwKqBssN/DKN20XJC2",
app-1      |       project_memberships: #Ecto.Association.NotLoaded,
app-1      |       projects: #Ecto.Association.NotLoaded,
app-1      |       remember_created_at: nil,
app-1      |       reset_password_sent_at: nil,
app-1      |       reset_password_token: nil,
app-1      |       settings: %{},
app-1      |       updated_at: ~U[2024-04-24 19:31:15Z]
app-1      |     }
app-1      |   },
app-1      |   body_params: %{"survey" => %{"generates_panel_survey" => false}},
app-1      |   cookies: %{
app-1      |     "_ask_key" => "SFMyNTY.g3QAAAAEbQAAAAtfY3NyZl90b2tlbm0AAAAYc1lSV2s2TFRvQTdDN2kzWWZUUGY1UT09bQAAAAxjbGllbnRfc3RhdGV0AAAAAmQACWNsaWVudF9pZG0AAAAQQXlDNk9EQVFJY3UyU2c9PWQACHJlZGlyZWN0ZAADbmlsbQAAAAxzZXNzaW9uX2F1dGhtAAAAJDM3OTgwMzc4LTAyNzEtMTFlZi1hMjQxLTAyNDJhYzEyMDAwM20AAAAOdXNlcl9yZXR1cm5fdG9kAANuaWw.S77RRfh85nANMM5pqMnqrELHPWpFzoGzwkh2d4zwRUI",
app-1      |     "_ga" => "GA1.1.1550521521.1713380373",
app-1      |     "_ga_699NE13B0K" => "GS1.1.1713986843.3.0.1713986843.0.0.0"
app-1      |   },
app-1      |   halted: false,
app-1      |   host: "app.surveda.lvh.me",
app-1      |   method: "POST",
app-1      |   owner: #PID<0.1354.0>,
app-1      |   params: %{
app-1      |     "project_id" => "1",
app-1      |     "survey" => %{"generates_panel_survey" => false}
app-1      |   },
app-1      |   path_info: ["api", "v1", "projects", "1", "surveys"],
app-1      |   path_params: %{"project_id" => "1"},
app-1      |   port: 80,
app-1      |   private: %{
app-1      |     AskWeb.Router => {[], %{Plug.Swoosh.MailboxPreview => ["mailbox"]}},
app-1      |     :before_send => [#Function<2.60763813/1 in Phoenix.Controller.fetch_flash/2>,
app-1      |      #Function<0.29283909/1 in Plug.Session.before_send/2>,
app-1      |      #Function<1.73153509/1 in Plug.Logger.call/2>,
app-1      |      #Function<0.106162560/1 in Phoenix.LiveReloader.before_send_inject_reloader/3>],
app-1      |     :phoenix_action => :create,
app-1      |     :phoenix_controller => AskWeb.SurveyController,
app-1      |     :phoenix_endpoint => AskWeb.Endpoint,
app-1      |     :phoenix_flash => %{},
app-1      |     :phoenix_format => "json",
app-1      |     :phoenix_layout => {AskWeb.LayoutView, :app},
app-1      |     :phoenix_router => AskWeb.Router,
app-1      |     :phoenix_view => AskWeb.SurveyView,
app-1      |     :plug_session => %{
app-1      |       "_csrf_token" => "sYRWk6LToA7C7i3YfTPf5Q==",
app-1      |       "client_state" => %{client_id: "AyC6ODAQIcu2Sg==", redirect: nil},
app-1      |       "session_auth" => "37980378-0271-11ef-a241-0242ac120003",
app-1      |       "user_return_to" => nil
app-1      |     },
app-1      |     :plug_session_fetch => :done
app-1      |   },
app-1      |   query_params: %{},
app-1      |   query_string: "",
app-1      |   remote_ip: {172, 28, 0, 2},
app-1      |   req_cookies: %{
app-1      |     "_ask_key" => "SFMyNTY.g3QAAAAEbQAAAAtfY3NyZl90b2tlbm0AAAAYc1lSV2s2TFRvQTdDN2kzWWZUUGY1UT09bQAAAAxjbGllbnRfc3RhdGV0AAAAAmQACWNsaWVudF9pZG0AAAAQQXlDNk9EQVFJY3UyU2c9PWQACHJlZGlyZWN0ZAADbmlsbQAAAAxzZXNzaW9uX2F1dGhtAAAAJDM3OTgwMzc4LTAyNzEtMTFlZi1hMjQxLTAyNDJhYzEyMDAwM20AAAAOdXNlcl9yZXR1cm5fdG9kAANuaWw.S77RRfh85nANMM5pqMnqrELHPWpFzoGzwkh2d4zwRUI",
app-1      |     "_ga" => "GA1.1.1550521521.1713380373",
app-1      |     "_ga_699NE13B0K" => "GS1.1.1713986843.3.0.1713986843.0.0.0"
app-1      |   },
app-1      |   req_headers: [
app-1      |     {"accept", "application/json"},
app-1      |     {"accept-encoding", "gzip, deflate"},
app-1      |     {"accept-language", "en-GB,en;q=0.5"},
app-1      |     {"connection", "close"},
app-1      |     {"content-length", "43"},
app-1      |     {"content-type", "application/json"},
app-1      |     {"cookie",
app-1      |      "_ga_699NE13B0K=GS1.1.1713986843.3.0.1713986843.0.0.0; _ga=GA1.1.1550521521.1713380373; _ask_key=SFMyNTY.g3QAAAAEbQAAAAtfY3NyZl90b2tlbm0AAAAYc1lSV2s2TFRvQTdDN2kzWWZUUGY1UT09bQAAAAxjbGllbnRfc3RhdGV0AAAAAmQACWNsaWVudF9pZG0AAAAQQXlDNk9EQVFJY3UyU2c9PWQACHJlZGlyZWN0ZAADbmlsbQAAAAxzZXNzaW9uX2F1dGhtAAAAJDM3OTgwMzc4LTAyNzEtMTFlZi1hMjQxLTAyNDJhYzEyMDAwM20AAAAOdXNlcl9yZXR1cm5fdG9kAANuaWw.S77RRfh85nANMM5pqMnqrELHPWpFzoGzwkh2d4zwRUI"},
app-1      |     {"dnt", "1"},
app-1      |     {"host", "app.surveda.lvh.me"},
app-1      |     {"origin", "http://app.surveda.lvh.me"},
app-1      |     {"referer", "http://app.surveda.lvh.me/projects/1/surveys"},
app-1      |     {"user-agent",
app-1      |      "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:125.0) Gecko/20100101 Firefox/125.0"},
app-1      |     {"x-forwarded-for", "192.168.65.1"},
app-1      |     {"x-forwarded-proto", "http"},
app-1      |     {"x-real-ip", "192.168.65.1"}
app-1      |   ],
app-1      |   request_path: "/api/v1/projects/1/surveys",
app-1      |   resp_body: nil,
app-1      |   resp_cookies: %{},
app-1      |   resp_headers: [
app-1      |     {"cache-control", "max-age=0, private, must-revalidate"},
app-1      |     {"x-request-id", "F8lOLVYWVPy2524AAB_D"}
app-1      |   ],
app-1      |   scheme: :http,
app-1      |   script_name: [],
app-1      |   secret_key_base: :...,
app-1      |   state: :unset,
app-1      |   status: nil
app-1      | }
app-1      | 2024-04-24T19:31:29.899Z request_id=F8lOLVYWVPy2524AAB_D [warn] ~~~~~
"Internet" request (using ngrok)
app-1      | 2024-04-24T19:36:19.946Z request_id=F8lOcOH5bBWgZ3MAAEXh [warn] Here's a conn we received:
app-1      | %Plug.Conn{
app-1      |   adapter: {Plug.Cowboy.Conn, :...},
app-1      |   assigns: %{
app-1      |     current_user: %Ask.User{
app-1      |       __meta__: #Ecto.Schema.Metadata<:loaded, "users">,
app-1      |       channels: #Ecto.Association.NotLoaded,
app-1      |       confirmation_sent_at: nil,
app-1      |       confirmation_token: nil,
app-1      |       confirmed_at: nil,
app-1      |       current_password: nil,
app-1      |       email: "mgarcia@manas.com.ar",
app-1      |       id: 1,
app-1      |       inserted_at: ~U[2024-04-24 19:31:15Z],
app-1      |       name: "",
app-1      |       oauth_tokens: #Ecto.Association.NotLoaded,
app-1      |       password: nil,
app-1      |       password_confirmation: nil,
app-1      |       password_hash: "$2b$12$F/aI3s4KuhUg.IVHZ5WR1ehUK.mAzO85dFEwwKqBssN/DKN20XJC2",
app-1      |       project_memberships: #Ecto.Association.NotLoaded,
app-1      |       projects: #Ecto.Association.NotLoaded,
app-1      |       remember_created_at: nil,
app-1      |       reset_password_sent_at: nil,
app-1      |       reset_password_token: nil,
app-1      |       settings: %{},
app-1      |       updated_at: ~U[2024-04-24 19:31:15Z]
app-1      |     }
app-1      |   },
app-1      |   body_params: %{"survey" => %{"generates_panel_survey" => false}},
app-1      |   cookies: %{
app-1      |     "_ask_key" => "SFMyNTY.g3QAAAADbQAAAAtfY3NyZl90b2tlbm0AAAAYZzlpdG1XckItVWpid1dnbEhRTWRuc0FxbQAAAAxjbGllbnRfc3RhdGV0AAAAAmQACWNsaWVudF9pZG0AAAAQVlFsNGkrU0lsMHBiS3c9PWQACHJlZGlyZWN0ZAADbmlsbQAAAAxzZXNzaW9uX2F1dGhtAAAAJGU0OWI1MTljLTAyNzEtMTFlZi1iOGQyLTAyNDJhYzEyMDAwMw.VhpPuyUCyHERzpUv3R59xD8zQgEVbMrJ4cphKDXwkSQ"
app-1      |   },
app-1      |   halted: false,
app-1      |   host: "5f83-181-45-244-38.ngrok-free.app",
app-1      |   method: "POST",
app-1      |   owner: #PID<0.2208.0>,
app-1      |   params: %{
app-1      |     "project_id" => "1",
app-1      |     "survey" => %{"generates_panel_survey" => false}
app-1      |   },
app-1      |   path_info: ["api", "v1", "projects", "1", "surveys"],
app-1      |   path_params: %{"project_id" => "1"},
app-1      |   port: 80,
app-1      |   private: %{
app-1      |     AskWeb.Router => {[], %{Plug.Swoosh.MailboxPreview => ["mailbox"]}},
app-1      |     :before_send => [#Function<2.60763813/1 in Phoenix.Controller.fetch_flash/2>,
app-1      |      #Function<0.29283909/1 in Plug.Session.before_send/2>,
app-1      |      #Function<1.73153509/1 in Plug.Logger.call/2>,
app-1      |      #Function<0.106162560/1 in Phoenix.LiveReloader.before_send_inject_reloader/3>],
app-1      |     :phoenix_action => :create,
app-1      |     :phoenix_controller => AskWeb.SurveyController,
app-1      |     :phoenix_endpoint => AskWeb.Endpoint,
app-1      |     :phoenix_flash => %{},
app-1      |     :phoenix_format => "json",
app-1      |     :phoenix_layout => {AskWeb.LayoutView, :app},
app-1      |     :phoenix_router => AskWeb.Router,
app-1      |     :phoenix_view => AskWeb.SurveyView,
app-1      |     :plug_session => %{
app-1      |       "_csrf_token" => "g9itmWrB-UjbwWglHQMdnsAq",
app-1      |       "client_state" => %{client_id: "VQl4i+SIl0pbKw==", redirect: nil},
app-1      |       "session_auth" => "e49b519c-0271-11ef-b8d2-0242ac120003"
app-1      |     },
app-1      |     :plug_session_fetch => :done
app-1      |   },
app-1      |   query_params: %{},
app-1      |   query_string: "",
app-1      |   remote_ip: {172, 18, 0, 4},
app-1      |   req_cookies: %{
app-1      |     "_ask_key" => "SFMyNTY.g3QAAAADbQAAAAtfY3NyZl90b2tlbm0AAAAYZzlpdG1XckItVWpid1dnbEhRTWRuc0FxbQAAAAxjbGllbnRfc3RhdGV0AAAAAmQACWNsaWVudF9pZG0AAAAQVlFsNGkrU0lsMHBiS3c9PWQACHJlZGlyZWN0ZAADbmlsbQAAAAxzZXNzaW9uX2F1dGhtAAAAJGU0OWI1MTljLTAyNzEtMTFlZi1iOGQyLTAyNDJhYzEyMDAwMw.VhpPuyUCyHERzpUv3R59xD8zQgEVbMrJ4cphKDXwkSQ"
app-1      |   },
app-1      |   req_headers: [
app-1      |     {"accept", "application/json"},
app-1      |     {"accept-encoding", "gzip, deflate, br"},
app-1      |     {"accept-language", "en-GB,en;q=0.5"},
app-1      |     {"content-length", "43"},
app-1      |     {"content-type", "application/json"},
app-1      |     {"cookie",
app-1      |      "_ask_key=SFMyNTY.g3QAAAADbQAAAAtfY3NyZl90b2tlbm0AAAAYZzlpdG1XckItVWpid1dnbEhRTWRuc0FxbQAAAAxjbGllbnRfc3RhdGV0AAAAAmQACWNsaWVudF9pZG0AAAAQVlFsNGkrU0lsMHBiS3c9PWQACHJlZGlyZWN0ZAADbmlsbQAAAAxzZXNzaW9uX2F1dGhtAAAAJGU0OWI1MTljLTAyNzEtMTFlZi1iOGQyLTAyNDJhYzEyMDAwMw.VhpPuyUCyHERzpUv3R59xD8zQgEVbMrJ4cphKDXwkSQ"},
app-1      |     {"dnt", "1"},
app-1      |     {"host", "5f83-181-45-244-38.ngrok-free.app"},
app-1      |     {"origin", "https://5f83-181-45-244-38.ngrok-free.app"},
app-1      |     {"referer", "https://5f83-181-45-244-38.ngrok-free.app/projects/1/surveys"},
app-1      |     {"sec-fetch-dest", "empty"},
app-1      |     {"sec-fetch-mode", "cors"},
app-1      |     {"sec-fetch-site", "same-origin"},
app-1      |     {"te", "trailers"},
app-1      |     {"user-agent",
app-1      |      "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:125.0) Gecko/20100101 Firefox/125.0"},
app-1      |     {"x-forwarded-for", "181.45.244.38"},
app-1      |     {"x-forwarded-host", "5f83-181-45-244-38.ngrok-free.app"},
app-1      |     {"x-forwarded-proto", "https"}
app-1      |   ],
app-1      |   request_path: "/api/v1/projects/1/surveys",
app-1      |   resp_body: nil,
app-1      |   resp_cookies: %{},
app-1      |   resp_headers: [
app-1      |     {"cache-control", "max-age=0, private, must-revalidate"},
app-1      |     {"x-request-id", "F8lOcOH5bBWgZ3MAAEXh"}
app-1      |   ],
app-1      |   scheme: :http,
app-1      |   script_name: [],
app-1      |   secret_key_base: :...,
app-1      |   state: :unset,
app-1      |   status: nil
app-1      | }
app-1      | 2024-04-24T19:36:19.947Z request_id=F8lOcOH5bBWgZ3MAAEXh [warn] ~~~~~

You can see my public IP 181.45.244.38 in that last example.

matiasgarciaisaia commented 4 months ago

Fixed by #2342