Closed 0x1a8510f2 closed 3 years ago
Does your reverse proxy have a means of logging exactly what the X-Real-IP
value is that it's sending to Dendrite? All we do is split by commas (if there are any) and take the first value, nothing else. I am using this with X-Forwarded-For
on my own Dendrite installation with nginx and it is working fine.
@neilalexander not that I know of but, if required I can temporarily have it send requests to a netcat listener for debugging. However, I've tried changing* the header to X-Forwarded-For
and that worked. That makes me wonder if perhaps the issue is related to how these headers behave differently? X-Forwarded-For
is supposed to be a list while X-Real-IP
is only supposed to be a single address.
* On the Caddy side I simply removed the X-Real-IP
header because X-Forwarded-For
is sent implicitly.
Tested this with my own Dendrite, using the following nginx directive:
proxy_set_header X-Real-IP $remote_addr;
... and setting the header to X-Real-IP
in dendrite.yaml
:
real_ip_header: X-Real-IP
The remote address is shown properly, as expected, so I am not sure there's a problem in Dendrite here.
Interesting. I can't identify any issues with my config, but seeing as nobody else reported that issue, and I can work around it by using X-Forwarded-For
, I think it's fair to assume it's just something with my setup and close the issue. Thanks for looking into it though!
Background information
go version
: Whatever the official 0.4.1 image was built withDescription
The
real_ip_header
setting indendrite.yaml
appears to have no effect, see Element Web screenshot below:This happens despite the following Dendrite configuration:
and the following (relevant) webserver (Caddy) configuration:
Worth noting is that the same config works fine for Synapse.