Users must explicitly give consent for collection of this personal data and the data processor shall be able to demonstrate that the data subject has consented to processing of his or her personal data.
Please note that the maximum penalty for GDPR violation can be up to 20 million euros:
This piece of code collects users' IP address which is qualified as personal data under EU GDPR:
https://github.com/progmaticltd/homebox/blob/66f41d48a0fc6049f648dd57089fdf9cd278e06e/install/roles/remote-access/tasks/ufw-public-access.yml#L25
Users must explicitly give consent for collection of this personal data and the data processor shall be able to demonstrate that the data subject has consented to processing of his or her personal data.
Please note that the maximum penalty for GDPR violation can be up to 20 million euros:
https://gdpr-info.eu/issues/fines-penalties/