How to set set_real_ip_from for discourse

It seems I got it fixed by adding another template named customip.template.yml and adding it to app.yml.

I organized the content of the template like the following

run:
  - file:
      path: /tmp/add-custom-ips
      chmod: +x
      contents: |
        #!/bin/bash -e
        # Add list of custom ips
        echo "1.2.3.4" > /tmp/custom-ips
        # Make into nginx commands and escape for inclusion into sed append command
        CONTENTS=$(</tmp/custom-ips sed 's/^/set_real_ip_from /' | sed 's/$/;/' | tr '\n' '\\' | sed 's/\\/\\n/g')
        
        echo custom IPs:
        echo $(echo | sed "/^/a $CONTENTS")
        # Insert into discourse.conf
        sed -i "/sendfile on;/a $CONTENTS\nreal_ip_header X-Forwarded-For;\nreal_ip_recursive on;" /etc/nginx/conf.d/discourse.conf
        # Clean up
        rm /tmp/custom-ips

  - exec: "/tmp/add-custom-ips"
  - exec: "rm /tmp/add-custom-ips"

I don’t know to what extent my solution is correct and well organized. but it seems it just worked for me.

5 Likes