Hi there, I have built a wrapper for your forum API so we can securely get people to post forum messages from our APP without out having to include API keys etc in the APP.
Is there a header I can pass to the API so that requests appear to come from the orginating client I have tried X-Forwarded-For but don’t seem to have had much luck.
# This is the magic to get IP numbers transmitted to Discourse
# See https://meta.discourse.org/t/last-ip-address-and-action-dispatch-trusted-proxies/50098/3?u=pfaffman
- replace:
filename: /etc/nginx/conf.d/discourse.conf
from: "types {"
to: |
set_real_ip_from 192.168.1.0/24;
set_real_ip_from 172.19.0.0/24;
set_real_ip_from 172.18.0.0/24;
set_real_ip_from 172.17.0.0/24;
set_real_ip_from 38.242.7.193/28;
real_ip_recursive on;
real_ip_header X-Forwarded-For;
types {
Appologies if I am not being smart here but is some able to explain this in more detail.
I have found /etc/nginx/conf.d/discourse.conf in the container but it is my understanding that it is created dynamically so making changes from within the container won’t persist restarts. I’ve also found ./config/discourse.conf which has my settings in so I assume I am supposed to add the settings above into that file but again ./config is not persisted.
A gentle nudge in the right direction would be much appreciated.