My EspoCRM instance runs in a Docker container behind an Nginx reverse proxy. Everything has been going well for around 1.5 years, including expansion(s). Thanks to the developers!
However, what bothers me in this setup is that I only see the IP of the Docker instance in the auth protocol, but not the real IP of the user. The same applies to the Apache log file.
I took a closer look at it today. The following configuration is set on the Nginx Reverse Proxy side:
Still, Apache / EspoCRM only shows the internal Docker IP, not the real client IP.
This can be remedied by switching on the Apache module remoteip inside the Docker container:
with the appropriate configuration in the /etc/apache2/conf-available/remoteip.conf file:
Apache must then be restarted:
From this point on, the correct IP is "passed through" to Apache / EscpoCRM. Of course, this configuration is not permanent because it is a Docker instance.
Is there a possibility that you will include this in the Docker development and that the remoteip module will be switched on, for example, via an environment variable (docker-compose)?
Or is there an easier way that I've overlooked?
Best regards
Martin
However, what bothers me in this setup is that I only see the IP of the Docker instance in the auth protocol, but not the real IP of the user. The same applies to the Apache log file.
I took a closer look at it today. The following configuration is set on the Nginx Reverse Proxy side:
Code:
set_real_ip_from 0.0.0.0/0; real_ip_header X-Forwarded-For; real_ip_recursive on; proxy_set_header host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $http_host;
This can be remedied by switching on the Apache module remoteip inside the Docker container:
Code:
a2enmod remoteip
Code:
RemoteIPHeader X-Forwarded-For
Code:
apache2ctl restart
Is there a possibility that you will include this in the Docker development and that the remoteip module will be switched on, for example, via an environment variable (docker-compose)?
Or is there an easier way that I've overlooked?
Best regards
Martin
Comment