Issue with Cloudflare template

Stephen · October 30, 2015, 5:52pm

Recent rebuilds with Cloudflare support enabled through the official template result in an erroneous line appearing in /etc/nginx/conf.d/discourse.conf:

set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 199.27.128.0/21;
set_real_ip_from ;
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;

The result is that the Discourse instance becomes unavailable, with the production.log flooded by:

invalid number of arguments in "set_real_ip_from" directive in /etc/nginx/conf.d/discourse.conf

Commenting out the line immediately resolves the issue.

Has the source data at Cloudflare changed? At the minimum it looks like they might be sending a blank row that will need trimming to avoid recurrences of this issue.

codinghorror · October 30, 2015, 7:57pm

We need to fix this @riking @mpalmer

mpalmer · October 30, 2015, 8:08pm

Ooh, that’s no good. I’ll sort that out right now.

Stephen · October 30, 2015, 8:50pm

Presumably users will have to update their docker images to benefit from the fix? Anyone who just rebuilds will end up in the same position as us?

mpalmer · October 30, 2015, 9:04pm

Yes, users will have to pull the latest discourse_docker changes to get the fix, but that is (or at least should be) standard procedure.

Stephen · October 30, 2015, 9:35pm

Standard procedure for what?

mpalmer · October 30, 2015, 9:36pm

Standard procedure for anyone seeing a problem with their Discourse site on rebuild.

Stephen · October 30, 2015, 9:54pm

Do you have any way of telling how many installs use Cloudflare @codinghorror? Unless Cloudflare correct their data this issue is likely to impact every install which uses the template. I’d hate for others to experience the same outage and impact as we have today.

codinghorror · October 30, 2015, 10:00pm

It’s probably a fairly low number that use the CF template, as it is a very advanced user kind of thing.

mpalmer · October 30, 2015, 10:03pm

I’ve pushed an update which will fix the reported problem. A git pull should get it and a ./launcher rebuild thereafter should produce a working config.

Stephen · October 30, 2015, 10:04pm

Will wait until we’re out of peak time before I test, so should be able to provide an update within 12 hours.

codinghorror · November 1, 2015, 10:05pm

This topic was automatically closed after 2 days. New replies are no longer allowed.

Topic		Replies	Views
Suggestion for Cloudflare template to get real IP from users installation	3	631	November 28, 2022
CloudFlare and Real IP installation	8	388	January 17, 2024
Cloudflare template not working when there is an intermediate proxy installation	2	335	May 10, 2022
Urgent: Site down after upgrade to 1.6.4 due to Cloudflare template support	22	2226	September 29, 2016
Cloudflare template broken again bug	5	895	August 16, 2021

Issue with Cloudflare template

Related Topics