Last IP address and action_dispatch.trusted_proxies

We don’t use trusted_proxies in our hosted environment; we adjust the nginx config to set X-Real-IP directly, since, IIRC, the RemoteIp middleware prefers that over XFF. The pups exec stanza we use looks like this:

- replace:
    filename: /etc/nginx/conf.d/discourse.conf
    from: "types {"
    to: |
      set_real_ip_from 10.0.0.0/24;
      set_real_ip_from 172.17.0.0/24;
      real_ip_header X-Forwarded-For;
      real_ip_recursive on;
      types {
5 Likes