[BUG] Installation process step 3 not possible when already integrated in traefik and authelia

[CDaxi]

Describe the bug
If you use the Docker image from linux servers (lscr.io/linuxserver/freshrss), there will be a fatal error thrown when calling httpAuthUser() in step 3 of the installation.

<br />
--
  | <b>Fatal error</b>:  Uncaught FreshRSS_Context_Exception: System configuration not initialised! in /app/www/lib/lib_rss.php:670
  | Stack trace:
  | #0 /app/www/lib/lib_rss.php(685): checkTrustedIP()
  | #1 /app/www/app/install.php(571): httpAuthUser()
  | #2 /app/www/app/install.php(738): printStep3()
  | #3 /app/www/p/i/index.php(30): require('...')
  | #4 {main}
  | thrown in <b>/app/www/lib/lib_rss.php</b> on line <b>670</b><br />

httpAuthUser will call checkTrustedIP but the configuration about the trusted IP is not done at this point.
This means $_SERVER['HTTP_REMOTE_USER'] is present, checkTrustedIP is executed but not configured now and there is no check if you are at the installation process.

To Reproduce

• Docker installation with traefik reverse proxy and authelia SSO
• Should also be reproduceble when http header "Remote-User" is present and step 3 is shown in browser.

Expected behavior
At least a installation process which can be completed.
To have a full working authetication with trusted http headers will need the trusted ip configuration too which is not shown in the installation.

My personal expectation will be to have at least the checkTrustedIP function written in a way that it detects a FreshRSS installation process and accept any IP at this point.

Screenshots
n/a

Environment information (please complete the following information):

• Device: any
• OS: any
• Browser: any
• FreshRSS version: 1.21.0
• Database version: sqlite
• PHP version: 8.1
• Installation type: Docker

Additional context

• Docker configured
• Traefik working as reverse proxy
• Authelia configured as SSO container
• New FreshRSS docker container already configured with needed docker labels for traefik and authelia

[Alkarex]

Thanks for the bug report. Should be fixed by #5358 (not much tested yet)
Would you be able to test? Let me know.

To test, you can for instance instruct your Docker or docker-compose to build from git:

    build:
      context: https://github.com/Alkarex/FreshRSS.git#trusted_sources-install
      dockerfile: Docker/Dockerfile-Alpine

• https://github.com/FreshRSS/FreshRSS/blob/edge/Docker/README.md#build-custom-docker-image
• https://github.com/FreshRSS/FreshRSS/blob/edge/Docker/freshrss/docker-compose.yml

[CDaxi]

OK:
The installation form issue is fixed.

Still an issue:
At the config.php:

• auth_type is still set to "form"
• trusted_sources will not contain the ip

There should be at least an information that these data has to manually changed by the admin.
The better way would be to add the input for trusted_sources at the installation process and display it only if the http_auth is selected.

Thanks for the quick response to my issue.

[Alkarex]

Related change: #5549
Tests and feedback welcome