Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update nginx reverse proxy docs #18922

Merged
merged 2 commits into from
Feb 26, 2022
Merged

Update nginx reverse proxy docs #18922

merged 2 commits into from
Feb 26, 2022

Conversation

eeyrjmr
Copy link
Contributor

@eeyrjmr eeyrjmr commented Feb 26, 2022

The present documentation on using nginx includes the bare minimum required ( proxy_pass). However, there are 4 more lines required to ensure gitea receives key header information. This is useful for logs

@eeyrjmr
Update nginx reverse proxy docs
056f972 
Add additional config lines for the set_header to forward additional information (eg the IP)
@silverwind
Copy link
Member

X-Real-IP is redundant there, the remote IP is already in X-Forwarded-For.

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Feb 26, 2022
@silverwind
Copy link
Member

silverwind commented Feb 26, 2022
edited
Loading

Also Host seems unecessary as that is nginx's default behaviour according to https://stackoverflow.com/a/39716709/808699.

Edit: I guess that one has a purpose actually so gitea does not receive localhost.

@eeyrjmr
Copy link
Contributor Author

eeyrjmr commented Feb 26, 2022
edited
Loading

X-Real-IP is redundant there, the remote IP is already in X-Forwarded-For.

Depends. X-Real-IP is the ip of interest while X-Forwarded-For will contain all the hops (and the last one is typically the ip of interest).

What header is used within gitea for logging. If it utilises the X-Forwarded-For then yes X-Real-IP can be dropped

@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Feb 26, 2022
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Feb 26, 2022
@Gusted Gusted added the type/docs This PR mainly updates/creates documentation label Feb 26, 2022
@Gusted Gusted added this to the 1.17.0 milestone Feb 26, 2022
@codecov-commenter
Copy link

Codecov Report

❗ No coverage uploaded for pull request base (main@bf2867d). Click here to learn what that means.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##             main   #18922   +/-   ##
=======================================
  Coverage        ?   46.58%           
=======================================
  Files           ?      854           
  Lines           ?   122565           
  Branches        ?        0           
=======================================
  Hits            ?    57098           
  Misses          ?    58573           
  Partials        ?     6894

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update bf2867d...f68836b. Read the comment docs.

@6543 6543 merged commit aa60cd9 into go-gitea:main Feb 26, 2022
@silverwind
Copy link
Member

What header is used within gitea for logging

REVERSE_PROXY_LIMIT: 1: Interpret X-Forwarded-For header or the X-Real-IP header and set this as the remote IP for the request.

It is either X-Forwarded-For (semi-standard) or X-Real-IP (non-standard), not both. This should not have landed.

zjjhot added a commit to zjjhot/gitea that referenced this pull request Feb 27, 2022
@zjjhot
Merge remote-tracking branch 'giteaofficial/main'
835165e 
* giteaofficial/main:
  Fix page and missing return on unadopted repos API (go-gitea#18848)
  [skip ci] Updated licenses and gitignores
  Allow adminstrator teams members to see other teams (go-gitea#18918)
  Update nginx reverse proxy docs (go-gitea#18922)
  Don't treat BOM escape sequence as hidden character. (go-gitea#18909)
  Remove CodeMirror dependencies (go-gitea#18911)
  Uncapitalize errors (go-gitea#18915)
  Disable service worker by default (go-gitea#18914)
  Set is_empty in fixtures (go-gitea#18869)
  Don't update email for organisation (go-gitea#18905)
  Correctly link URLs to users/repos with dashes, dots or underscores (go-gitea#18890)
  Set is_private in fixtures. (go-gitea#18868)
  Fix team management UI (go-gitea#18886)
  Update JS dependencies (go-gitea#18898)
  Fix migration v210 (go-gitea#18892)
  migrations: add test for importing pull requests in gitea uploader (go-gitea#18752)
@eeyrjmr
Copy link
Contributor Author

eeyrjmr commented Mar 4, 2022

What header is used within gitea for logging

REVERSE_PROXY_LIMIT: 1: Interpret X-Forwarded-For header or the X-Real-IP header and set this as the remote IP for the request.

It is either X-Forwarded-For (semi-standard) or X-Real-IP (non-standard), not both. This should not have landed.

Debatable.
There is plenty of recommendations to include both and this PR was written while helping an individual on discord deal with missing log IP (followed existing docs)

Maybe dropping X-Real-IP but has that been tested ?

Chianina pushed a commit to Chianina/gitea that referenced this pull request Mar 28, 2022
@eeyrjmr @lunny
Update nginx reverse proxy docs (go-gitea#18922)
e60fbb4 
Add additional config lines for the set_header to forward additional information (eg the IP)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
@go-gitea go-gitea locked and limited conversation to collaborators Apr 28, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@techknowlogick techknowlogick techknowlogick approved these changes

@zeripath zeripath zeripath approved these changes

Assignees
No one assigned
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. type/docs This PR mainly updates/creates documentation
Projects
None yet
Milestone
1.17.0
Development

Successfully merging this pull request may close these issues.
9 participants
@eeyrjmr @silverwind @codecov-commenter @techknowlogick @zeripath @GiteaBot @6543 @Gusted @lunny