Cloudflare template broken again

This is a similar issue to Issue with Cloudflare template, but this time Cloudflare appears to have removed the trailing line break from the IPv4 list, resulting in the following output (comment added to indicate problem):

set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 104.16.0.0/13;
set_real_ip_from 104.24.0.0/14;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 131.0.72.0/222400:cb00::/32;  # PROBLEM HERE
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2a06:98c0::/29;
set_real_ip_from 2c0f:f248::/32;

I’m currently on f568633bf060c18cc0866b4018842ce9ec9da33a (latest main).

Here’s a quick demo command that should work with or without trailing line breaks. It doesn’t include the escaping from the original script and will need to be adapted accordingly.

{ wget https://www.cloudflare.com/ips-v4/ -O - && echo && wget https://www.cloudflare.com/ips-v6/ -O -; } | sed '/^$/d; s/.*/set_real_ip_from &;/'
4 Likes

Changing the first part of the template’s script to the following resolves the issue and correctly handles extraneous line breaks:

#!/bin/bash -e
# Download list of CloudFlare ips
wget https://www.cloudflare.com/ips-v4/ -O - > /tmp/cloudflare-ips
echo >> /tmp/cloudflare-ips
wget https://www.cloudflare.com/ips-v6/ -O - >> /tmp/cloudflare-ips
# Make into nginx commands and escape for inclusion into sed append command
CONTENTS=$(</tmp/cloudflare-ips sed '/^$/d; s/^.*/set_real_ip_from &;/' | tr '\n' '\\' | sed 's/\\/\\n/g')
3 Likes

PR: Fix line break handling in Cloudflare template by Zenexer · Pull Request #558 · discourse/discourse_docker · GitHub

6 Likes

Is this issue also related to the above? @AntiMetaman

I had been migrating and changing droplet many times but still i m not able to stop 502 error after rebuild, more details here Discourse updated from admin, not working after rebuild. Fatal error, site does not load anymore after rebuild

When will this likely be fixed? Please let us know once its fixed so we can try again rebuild and avoid crashing on 502 again. @Zenexer

1 Like

Thanks for the PR @Zenexer ! Merged it in!

6 Likes

This topic was automatically closed after 17 hours. New replies are no longer allowed.