Home A - Z

An Otter Wiki

Commit 33bd57

2025-12-23 16:17:54 deseven: added headers to all reverse proxy configs, updated configuration section
configuration.md ..
@@ 155,8 155,8 @@
### Reverse Proxy and IPs
- Running the docker container behind a reverse proxy will show only the IP of the reverse proxy in the log files. With setting `REAL_IP_FROM` to the ip address of the reverse proxy, the IPs of the connection clients will be logged.
+ Running the docker container behind a reverse proxy will show only the IP of the reverse proxy in the log files. With setting `REAL_IP_FROM` to the ip address or network of the reverse proxy, the IPs of the connection clients will be logged.
- | Variable | Example | Description |
- |------------------|------------------|----------------------------------------------|
- | `REAL_IP_FROM` | `'10.0.0.0/8'` | Configure nginx to respect `real_ip_header`, see <http://nginx.org/en/docs/http/ngx_http_realip_module.html> |
+ | Variable | Example | Description |
+ |------------------|-------------------|----------------------------------------------|
+ | `REAL_IP_FROM` | `'172.20.0.0/24'` | Configure wiki to respect `X-Real-IP` header in the requests coming from this IP or network. |
installation.md ..
@@ 211,6 211,8 @@
Mini how-tos for configuring Apache, NGINX and Caddy are provided below. For
more detailed informations please check the corresponding software documentation.
+ Also check out [[Configuration]] for additional info on passing real IPs to the wiki.
+
## NGINX
This is a minimal example of a config that configures NGINX as a reverse proxy.
@@ 227,6 229,7 @@
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
+ proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:8080;
client_max_body_size 64M; # for attachments of a size up to 64 Mb
}
@@ 261,15 264,20 @@
It's assumed that An Otter Wiki is running either in a docker container or as a uwsgi process and listening on port 8080.
- ```
+ ```apache
<VirtualHost *:*>
ServerName wiki.domain.tld
ProxyPreserveHost On
ProxyPass / http://0.0.0.0:8080/
ProxyPassReverse / http://0.0.0.0:8080/
+ ProxyAddHeaders On
+ RequestHeader set X-Forwarded-Proto "http"
+ RequestHeader set X-Real-IP %{REMOTE_ADDR}e
</VirtualHost>
```
+ If you're using HTTPS, change `X-Forwarded-Proto "http"` to `X-Forwarded-Proto "https"` and `RequestHeader set X-Real-IP %{REMOTE_ADDR}e` to `RequestHeader set X-Real-IP %{REMOTE_ADDR}s`.
+
### Apache on Debian, Ubuntu and derivates
- Install apache2 via `apt install -y apache2`
@@ 298,7 306,11 @@
```
domain.tld {
- reverse_proxy localhost:8080
+ reverse_proxy localhost:8080 {
+ header_up Host {http.request.host}
+ header_up X-Forwarded-Proto {scheme}
+ header_up X-Real-IP {remote_host}
+ }
}
```
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9