diff options
author | Lauris BH <lauris@nix.lv> | 2021-03-16 00:27:28 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-03-16 00:27:28 +0200 |
commit | 044cd4d016196e8c7091eee90b7e6f230bba142f (patch) | |
tree | 35f060380813f99588966339c5ddf796a8b8c451 /modules | |
parent | 6e423d5573c20b78d6e21cb044e8f4d5de5b288a (diff) | |
download | gitea-044cd4d016196e8c7091eee90b7e6f230bba142f.tar.gz gitea-044cd4d016196e8c7091eee90b7e6f230bba142f.zip |
Add reverse proxy configuration support for remote IP address (#14959)
* Add reverse proxy configuration support for remote IP address validation
* Trust all IP addresses in containerized environments by default
* Use single option to specify networks and proxy IP addresses. By default trust all loopback IPs
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Diffstat (limited to 'modules')
-rw-r--r-- | modules/setting/setting.go | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 60e433b1a2..9d27a5d743 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -169,6 +169,8 @@ var ( CookieRememberName string ReverseProxyAuthUser string ReverseProxyAuthEmail string + ReverseProxyLimit int + ReverseProxyTrustedProxies []string MinPasswordLength int ImportLocalPaths bool DisableGitHooks bool @@ -819,8 +821,16 @@ func NewContext() { LogInRememberDays = sec.Key("LOGIN_REMEMBER_DAYS").MustInt(7) CookieUserName = sec.Key("COOKIE_USERNAME").MustString("gitea_awesome") CookieRememberName = sec.Key("COOKIE_REMEMBER_NAME").MustString("gitea_incredible") + ReverseProxyAuthUser = sec.Key("REVERSE_PROXY_AUTHENTICATION_USER").MustString("X-WEBAUTH-USER") ReverseProxyAuthEmail = sec.Key("REVERSE_PROXY_AUTHENTICATION_EMAIL").MustString("X-WEBAUTH-EMAIL") + + ReverseProxyLimit = sec.Key("REVERSE_PROXY_LIMIT").MustInt(1) + ReverseProxyTrustedProxies = sec.Key("REVERSE_PROXY_TRUSTED_PROXIES").Strings(",") + if len(ReverseProxyTrustedProxies) == 0 { + ReverseProxyTrustedProxies = []string{"127.0.0.0/8", "::1/128"} + } + MinPasswordLength = sec.Key("MIN_PASSWORD_LENGTH").MustInt(6) ImportLocalPaths = sec.Key("IMPORT_LOCAL_PATHS").MustBool(false) DisableGitHooks = sec.Key("DISABLE_GIT_HOOKS").MustBool(true) |