eightball/all-in-one
1
0
Fork 0
mirror of https://github.com/nextcloud/all-in-one.git synced 2025-12-20 06:26:57 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 10

add CGNAT range to Caddy and document support for additional trusted proxies to rp docs (#6703)

Browse source 
Signed-off-by: Alan Savage <3028205+asavageiv@users.noreply.github.com>
Signed-off-by: Alan Savage <asavageiv@users.noreply.github.com>
Signed-off-by: Simon L. <szaimen@e.mail.de>
Co-authored-by: Alan Savage <3028205+asavageiv@users.noreply.github.com>
Co-authored-by: Simon L. <szaimen@e.mail.de>
This commit is contained in:
Alan Savage 2025-08-22 04:43:55 -07:00 committed by GitHub
parent 4b4184f248
commit 49aa732ec5
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 35 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Containers/apache/start.sh
View file

@ -46,7 +46,9 @@ echo "$CADDYFILE" > /tmp/Caddyfile
# Change the trusted_proxies in case of reverse proxies
if [ "$APACHE_PORT" != '443' ]; then
CADDYFILE="$(sed 's|# trusted_proxies placeholder|trusted_proxies static private_ranges|' /tmp/Caddyfile)"
# Here the 100.64.0.0/10 range gets added which is the CGNAT range used by Tailscale nodes
# See https://github.com/nextcloud/all-in-one/pull/6703 for reference
CADDYFILE="$(sed 's|# trusted_proxies placeholder|trusted_proxies static private_ranges 100.64.0.0/10|' /tmp/Caddyfile)"
else
CADDYFILE="$(sed "s|# trusted_proxies placeholder|trusted_proxies static $IPv4_ADDRESS|" /tmp/Caddyfile)"
fi