[Enhancement] How to make all clients mutually visible to each other?

hexclann commented 1 month ago

I have a private pairdrop instance with coturn on a VPS behind Cloudflare proxy. Since I use it for my own devices, I would like to have all the clients visible to each other by default even if they are on different networks.

In my nginx config I've commented out the X-Forwarded-For and during the docker deployment I have set the IPV6_LOCALIZE=7 but I'm unable to see the devices which are on different networks.

Im aware of the room sharing feature but I want to have the above setup for easy access. How can I achieve this?

schlagmichdoch commented 1 month ago

The IPV6_LOCALIZE variable only works, if PairDrop only sees v6 IP addresses. Probably, this is not the case for your setup.

There might be a hackish way to do it: Setting the x-forwarded-for header to a static value should have the desired effect. Then PairDrop gets the same (fake) IP address for all devices, so they should be mutually visible:

proxy_set_header X-Forwarded-For "127.0.0.1";

Enabling this behavior via env var is not implemented yet, but I’ll probably add it soon as more users have requested something along these lines.

Todo:

Implement environment variable(s) to switch on/off pairing and public rooms
- This hides the buttons and dialogs from users and deactivates the api on the backend
Implement environment variable to make all devices see each other mutually
- if set to true this should set environment variables for pairing and public rooms to false (if not set by user)
Add docs and example as docker-compose-local-network.yml

hexclann commented 1 month ago

I added the header but I couldn't see clients if they are not in the same network. This is my nginx proxy config:

location / {
        proxy_http_version          1.1;
        proxy_set_header            Host $host;
        proxy_set_header            Connection "";
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header X-Forwarded-For "127.0.0.1";
        proxy_pass http://127.0.0.1:20000;
    }

I restarted the docker container and nginx but no luck. Do I need to recreate the container without the IPV6_LOCALIZE variable?

schlagmichdoch commented 1 month ago

You don’t need the IPv6 localize variable. Try to set DEBUG_MODE=true and take a look at the docker log when connecting two devices on different networks. It should hint in the right direction: https://github.com/schlagmichdoch/PairDrop/blob/master/docs/host-your-own.md#debug-mode

hexclann commented 1 month ago

I relaunched the container with debug mode enabled, here's the log:

When clients are on different networks (invisible):


PairDrop is running on port 3000

----DEBUGGING-PEER-IP-START----
remoteAddress: ::ffff:172.17.0.1
x-forwarded-for: 127.0.0.1
cf-connecting-ip: MY.VPS.IP.ADDRESS
PairDrop uses: MY.VPS.IP.ADDRESS
IP is private: false
if IP is private, '127.0.0.1' is used instead
----DEBUGGING-PEER-IP-END----
Connection to localhost (::1) 3000 port [tcp/*] succeeded!
[ls.io-init] done.

----DEBUGGING-PEER-IP-START----
remoteAddress: ::ffff:172.17.0.1
x-forwarded-for: 127.0.0.1
cf-connecting-ip: undefined
PairDrop uses: 127.0.0.1
IP is private: false
if IP is private, '127.0.0.1' is used instead
----DEBUGGING-PEER-IP-END----

----DEBUGGING-PEER-IP-START----
remoteAddress: ::ffff:172.17.0.1
x-forwarded-for: 127.0.0.1
cf-connecting-ip: MY.VPS.IP.ADDRESS
PairDrop uses: MY.VPS.IP.ADDRESS
IP is private: false
if IP is private, '127.0.0.1' is used instead
----DEBUGGING-PEER-IP-END----

----DEBUGGING-PEER-IP-START----
remoteAddress: ::ffff:172.17.0.1
x-forwarded-for: 127.0.0.1
cf-connecting-ip: MY.VPS.IP.ADDRESS
PairDrop uses: MY.VPS.IP.ADDRESS
IP is private: false
if IP is private, '127.0.0.1' is used instead
----DEBUGGING-PEER-IP-END----

----DEBUGGING-PEER-IP-START----
remoteAddress: ::ffff:172.17.0.1
x-forwarded-for: 127.0.0.1
cf-connecting-ip: undefined
PairDrop uses: 127.0.0.1
IP is private: false
if IP is private, '127.0.0.1' is used instead
----DEBUGGING-PEER-IP-END----

when clients are on the same network: (visible)

----DEBUGGING-PEER-IP-START----
remoteAddress: ::ffff:172.17.0.1
x-forwarded-for: 127.0.0.1
cf-connecting-ip: undefined
PairDrop uses: 127.0.0.1
IP is private: false
if IP is private, '127.0.0.1' is used instead
----DEBUGGING-PEER-IP-END----

----DEBUGGING-PEER-IP-START----
remoteAddress: ::ffff:172.17.0.1
x-forwarded-for: 127.0.0.1
cf-connecting-ip: undefined
PairDrop uses: 127.0.0.1
IP is private: false
if IP is private, '127.0.0.1' is used instead
----DEBUGGING-PEER-IP-END----

schlagmichdoch commented 1 month ago

Thanks for the logs!

Is MY.VPS.IP.ADDRESS the ip of the server you are running PairDrop on? Is this after you added the overwrite to the nginx conf? If yes, could you please also provide logs without the overwrite?

When behind cloudflare, the CF-Connecting-IP header should normally include the real visitor ip address of the clients. This does not seem to work. Can you take a look whether Remove visitor IP headers is correctly disabled? https://developers.cloudflare.com/fundamentals/reference/http-request-headers/#cf-connecting-ip

As CF-Connecting-IP is prioritized over X-Forwarded-For the easiest would be to use that instead:

proxy_set_header CF-Connecting-IP "127.0.0.1";

schlagmichdoch / PairDrop

[Enhancement] How to make all clients mutually visible to each other? #301