Setting FORWARDED_ALLOW_IPS no longer works with Umbrel 0.5 and LNURLw fails with 426 UPGRADE REQUIRED

[bezysoftware]

LNbits's lnurlw extension could be configured to run behind proxy using FORWARDED_ALLOW_IPS env variable in Umbrel 0.4 (#612), but with the latest release this no longer works. I suspect it's due to their app-proxy containers which take care of authentication, but they also route requests to lnbits.

[dni]

did that issue resolve? can i help with that, which proxy are you using? i see original issue is closed. https://github.com/lnbits/lnbits-legend/issues/612 if that solved your issue also, can you close this one?

[johnongit]

You can fix this issue by applying some modification in docker-compose file. https://github.com/getumbrel/umbrel-apps/blob/51be3f33eafb010d0700be4455704b8c0fbff01b/lnbits/docker-compose.yml

[schneimi]

There is a missing end quote in the suggested file.

Doesn't fix it for me unfortunately. My problem since the update is that {{ request.base_url }} is resolved to "https,http://mydomain.com/" with FORWARDED_ALLOW_IPS. Without it's "http://mydomain.com/".

[johnongit]

The new app proxy in default configuration erase x-forwarded-proto https to http. Forwarded allow ips is working as expected but the umbrel app proxy erase the expected behavior.

Per app, app proxy can modified by adding PROXY_TRUST_UPSTREAM: "true".

I'm currently using this setup With https://lnb-fm.exp.myln.exp (traefik+ ip2tor + lnbits app proxy hidden service)

[kieselbert]

@johnongit Hi I am also affected from this issue and also use traefik as proxy. maybe you can share your traefik settings? FORWARDED_ALLOW_IPS does not longer work

"pydantic.error_wrappers.ValidationError: 2 validation errors for LnurlPayResponse" "callback" "URL host invalid, top level domain required (type=value_error.url.host)" "URL scheme not permitted (type=value_error.url.scheme; allowed_schemes={'https'})"