aboutsummaryrefslogtreecommitdiffstats
path: root/modules
diff options
context:
space:
mode:
authorLauris BH <lauris@nix.lv>2021-03-16 00:27:28 +0200
committerGitHub <noreply@github.com>2021-03-16 00:27:28 +0200
commit044cd4d016196e8c7091eee90b7e6f230bba142f (patch)
tree35f060380813f99588966339c5ddf796a8b8c451 /modules
parent6e423d5573c20b78d6e21cb044e8f4d5de5b288a (diff)
downloadgitea-044cd4d016196e8c7091eee90b7e6f230bba142f.tar.gz
gitea-044cd4d016196e8c7091eee90b7e6f230bba142f.zip
Add reverse proxy configuration support for remote IP address (#14959)
* Add reverse proxy configuration support for remote IP address validation * Trust all IP addresses in containerized environments by default * Use single option to specify networks and proxy IP addresses. By default trust all loopback IPs Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Diffstat (limited to 'modules')
-rw-r--r--modules/setting/setting.go10
1 files changed, 10 insertions, 0 deletions
diff --git a/modules/setting/setting.go b/modules/setting/setting.go
index 60e433b1a2..9d27a5d743 100644
--- a/modules/setting/setting.go
+++ b/modules/setting/setting.go
@@ -169,6 +169,8 @@ var (
CookieRememberName string
ReverseProxyAuthUser string
ReverseProxyAuthEmail string
+ ReverseProxyLimit int
+ ReverseProxyTrustedProxies []string
MinPasswordLength int
ImportLocalPaths bool
DisableGitHooks bool
@@ -819,8 +821,16 @@ func NewContext() {
LogInRememberDays = sec.Key("LOGIN_REMEMBER_DAYS").MustInt(7)
CookieUserName = sec.Key("COOKIE_USERNAME").MustString("gitea_awesome")
CookieRememberName = sec.Key("COOKIE_REMEMBER_NAME").MustString("gitea_incredible")
+
ReverseProxyAuthUser = sec.Key("REVERSE_PROXY_AUTHENTICATION_USER").MustString("X-WEBAUTH-USER")
ReverseProxyAuthEmail = sec.Key("REVERSE_PROXY_AUTHENTICATION_EMAIL").MustString("X-WEBAUTH-EMAIL")
+
+ ReverseProxyLimit = sec.Key("REVERSE_PROXY_LIMIT").MustInt(1)
+ ReverseProxyTrustedProxies = sec.Key("REVERSE_PROXY_TRUSTED_PROXIES").Strings(",")
+ if len(ReverseProxyTrustedProxies) == 0 {
+ ReverseProxyTrustedProxies = []string{"127.0.0.0/8", "::1/128"}
+ }
+
MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt(6)
ImportLocalPaths = sec.Key("IMPORT_LOCAL_PATHS").MustBool(false)
DisableGitHooks = sec.Key("DISABLE_GIT_HOOKS").MustBool(true)