Noteworthy
- Behind a reverse proxy, AfterTouch now resolves the client IP from
  X-Forwarded-For only.
  ⚠️ The previous chi RealIP middleware also read X-Real-IP
  and True-Client-IP; those headers are no longer consulted. If
  your reverse proxy only sets X-Real-IP, configure it to set
  X-Forwarded-For instead (for nginx:
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;). This change
  comes with the chi v5.3.0 update, whose new ClientIP middleware closes
  IP-spoofing weaknesses present in the old RealIP. Default LAN and on-device
  deployments are unaffected: without a reverse proxy, trust_forwarded_headers
  defaults off and the peer socket IP is used directly.
- A hand-authored settings.json is no longer overwritten on first start.
  The service decided "first run" from an empty server_url and would write a
  fresh default settings.json, discarding operator-set keys (for example a
  trust_forwarded_headers you added before the first start while passing
  server_url via the --server-url flag). First run is now detected by the
  absence of settings.json, so an existing file is always preserved; a
  genuinely empty data dir still gets defaults and the volume-not-persisted
  notice.
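To make the client-IP change concrete, here is an added example (not AfterTouch's or chi's code) of resolving the client IP from X-Forwarded-For only. The helper names, the boolean standing in for trust_forwarded_headers, and the choice of the right-most entry are assumptions; the last one presumes exactly one trusted reverse proxy that appends the address it saw, as the nginx directive above does.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"strings"
)

// clientIP is a hypothetical helper (not AfterTouch or chi code).
// trustForwarded plays the role of the trust_forwarded_headers setting.
// Assumption: one trusted reverse proxy appends the address it saw.
func clientIP(r *http.Request, trustForwarded bool) string {
	peer, _, err := net.SplitHostPort(r.RemoteAddr)
	if err != nil {
		peer = r.RemoteAddr
	}
	if !trustForwarded {
		return peer // direct deployment: forwarding headers are ignored entirely
	}
	// Only X-Forwarded-For is read; X-Real-IP and True-Client-IP are never
	// consulted. Repeated header lines are joined in order.
	chain := strings.Split(strings.Join(r.Header.Values("X-Forwarded-For"), ","), ",")
	// The right-most entry was appended by the proxy; entries to its left
	// arrived from the client and may be forged.
	last := strings.TrimSpace(chain[len(chain)-1])
	if ip := net.ParseIP(last); ip != nil {
		return ip.String()
	}
	return peer // header absent or malformed: fall back to the socket peer
}

// sampleRequest builds a constructed request; kv holds header key/value pairs.
func sampleRequest(remoteAddr string, kv ...string) *http.Request {
	r := &http.Request{RemoteAddr: remoteAddr, Header: http.Header{}}
	for i := 0; i+1 < len(kv); i += 2 {
		r.Header.Add(kv[i], kv[i+1])
	}
	return r
}

func main() {
	// Constructed input: the first entry is client-supplied, the proxy appended the second.
	r := sampleRequest("10.0.0.2:41000",
		"X-Forwarded-For", "198.51.100.99, 203.0.113.7",
		"X-Real-IP", "192.0.2.1")
	fmt.Println(clientIP(r, true))  // 203.0.113.7
	fmt.Println(clientIP(r, false)) // 10.0.0.2
}
```

With a proxy that sets only X-Real-IP, this helper returns the proxy's own socket address for every request, which is the symptom to look for in logs after upgrading.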
What's Changed
- fix(security): migrate chi RealIP → ClientIP (chi v5.3.0) by @gesellix in #538
- fix(service): don't clobber a hand-authored settings.json on first run by @gesellix in #539
- docs: move proxy client-IP guidance to the deployment walkthrough by @gesellix in #540
Full Changelog: v0.116.0...v0.117.0