Detect actual IP address when behind reverse proxy

[BrainStone]

Not sure if I should classify this as a bug or a feature request.

The issue at play is that if I run Iris behind a reverse proxy (for https mainly but also nicer URLs and redirecting to iris when you open the just the / path) with proper headers set (like X-Real-IP), Iris still detects 127.0.0.1 as the origin IP.

Config I use:

server {
        listen 80 default_server;

        server_name radio.xxx.local;

        proxy_http_version 1.1;
        proxy_read_timeout 600s;
        location = / {
                return 301 /iris/;
        }

        location / {
                proxy_pass        http://127.0.0.1:6680/;
                proxy_redirect    off;
                proxy_set_header  Host             $host;
                proxy_set_header  X-Real-IP        $remote_addr;
                proxy_set_header  X-Forwarded-For  $proxy_add_x_forwarded_for;
                proxy_set_header  Upgrade          $http_upgrade;
                proxy_set_header  Connection       $http_connection;
        }
}

[kingosticks]

This won't help with your actual issue but you may be interested in Mopidy's new default_app config setting (https://docs.mopidy.com/en/latest/ext/http/#confval-http/default_app).

[BrainStone]

That is actually quite useful and I will use it instead of the redirect in the nginx config.
Though that still doesn't eliminate the need for a reverse proxy as I want to have it over HTTPS.

[jaedb]

In theory this should already be supported (see handlers.py). I run a reverse proxy through Apache and it works well. There must be a difference between ngnix's reverse proxy and Apache's. I suspect the culprit might be with a different handling of X-Forwarded-For and X-Real-IP?

[BrainStone]

The thing is I set both headers. So not sure what's going on there.