Forwarding "real" IP address

[cakarlen]

Does this project have the ability to preserve the "real" IP address of clients using Plex to reflect on the Plex dashboard correctly?

Currently, I'm using Caddy to reverse proxy Plex while following the steps listed in this repo and ensured I'm forwarding the necessary headers to preserve the IP. Plex works on all tested clients and can confirm that I can access Plex remotely, but all clients (including on LAN) are showing as remote, instead of the true IP address of the client.

[lostb1t]

@cakarlen actually this seems to work.

I think its expected that everything is "remote".

LAN will also go through your public IP/domain but your router should be smart enough "NAT reflection" to keep the request local. But it will show as your public ip address instead of lan IP. Nothing i can change about that.

You can add your Ip to the LAN networks field under network in plex to at least have it show up as local.

Actual remote clients should show their public IP.

you can enable tracing by adding a env variable with RUST_LOG="info,replex=tracing" to see what value the forwarded-for header has.

[cakarlen]

Ah, you're correct. I connected to a VPN and can confirm that the IP shown in the Plex dashboard was my public IP while on the VPN. I think the problem I realized is that if I talk to Plex locally (while on LAN), the Plex dashboard will show the container IP address (ex: 172.18.0.5), instead of my LAN IP address (ex: 192.168.1.10).

Is there a way to fix that issue?

[lostb1t]

Ah, you're correct. I connected to a VPN and can confirm that the IP shown in the Plex dashboard was my public IP while on the VPN. I think the problem I realized is that if I talk to Plex locally (while on LAN), the Plex dashboard will show the container IP address (ex: 172.18.0.5), instead of my LAN IP address (ex: 192.168.1.10).

Is there a way to fix that issue?

can you post a trace log from replex?

[lostb1t]

Also im unsure how a direct connection ever happens. All clients should connect to your custom server url and therefor caddy. Only the web client might be local if you dont use the domain name, do you have any other values in the custom server url?

[cakarlen]

I don't have any other custom server URLs other than my public URL (ex: https://plex.mydomain.com).

I've added the RUST_LOG env variable, but should I expect the trace logs to write to stdout/stderr by viewing my compose logs with docker compose logs replex -f or to a file? Sorry, not too familiar with Rust inter-workings.

[lostb1t]

no worries, yeah should show up there (stdout/stderr)

[cakarlen]

Awesome. So after adding the env variable and navigating to Plex + attempting to watch some media, here is a small subset of the request header logs:

"x-forwarded-for": "192.168.1.11", "x-forwarded-host": "plex.mydomain.com", "x-forwarded-proto": "https", "x-real-ip": "192.168.1.11"

In this case, both headers X-Forwarded-For and X-Real-IP are showing my correct LAN IP.

[lostb1t]

but the dashboard says otherwise? thats strange

[cakarlen]

That is correct. Plex dashboard will show the replex container IP address instead. I can provide my Caddyfile (or any other file for that matter) if needed to help troubleshoot.

[lostb1t]

could you maybe add the ip ir subnet mask (192.168.1.1/24) to plex LAN networks? (under network) and see if that changes anything

[cakarlen]

I actually did that first thing when I setup replex. Here is what I have configured under "LAN networks". Notice the 172.18.0.0/16 entry to account for any local device watching Plex media, but again, the Plex dashboard shows the replex container IP despite this:

[cakarlen]

After doing some digging, I noticed folks who have this same problem using just Plex were able to solve this issue by running the Plex container using the host network (network_mode: host). Since replex is not compatible with that configuration, I'm wondering if there's another way to accomplish the same thing.

[jl94x4]

On mine, on dashboard it shows my public address and not the container address/local

[jl94x4]

After doing some digging, I noticed folks who have this same problem using just Plex were able to solve this issue by running the Plex container using the host network (network_mode: host). Since replex is not compatible with that configuration, I'm wondering if there's another way to accomplish the same thing.

My Plex is running as host and REPLEX is working fine?

I couldn't get REPLEX to work any other way.

[lostb1t]

After doing some digging, I noticed folks who have this same problem using just Plex were able to solve this issue by running the Plex container using the host network (network_mode: host). Since replex is not compatible with that configuration, I'm wondering if there's another way to accomplish the same thing.

yes this seems like a plex bug.

Unfortunately host mode does not work for replex as plex will connect direct to plex itself and bypass replex. (and will still use custom url for most clients)

theres currently no solution for this. Maybe ask plex to fix it?

[lostb1t]

@jl94x4 it depends on the client. Some clients dint allow unsecured connections so always need https. Some dont and will connect directly to plex when in host mode

[cakarlen]

@lostb1t Do you have this problem? If not, would you be able to share a redacted Dockerfile or Caddyfile since if that works for you, it should work for me (and maybe others)?

[lostb1t]

its not a configuration issue, its a plex issue. I have the same. Plex does not listen the forwarded headers when its a local ip 🤷‍♂️

[cakarlen]

Ah ok, gotcha. Well if this is truly a Plex issue, I think we can close this issue out. Thanks for helping troubleshoot this