Add ability to configure NGINX to show correct IP in logs
At the moment, NGINX will be using the IP which initiated the connection in the logs which could be misleading if you are using it behind a load balancer. This patch adds the ability to be able to configure the hosts which can send the semi-standard X-Forwarded-For header in order to show the right IP in the logs. Change-Id: I9006dbb15837178cee7de869372c901040095e2b
This commit is contained in:
parent
8fceb54c24
commit
5173d0f1fc
|
@ -487,3 +487,6 @@ keystone_uwsgi_init_overrides: {}
|
|||
# - parameter: "Access-Control-Allow-Origin"
|
||||
# value: "*"
|
||||
keystone_extra_headers: []
|
||||
|
||||
# List of trusted IPs which can pass X-Forwarded-For
|
||||
keystone_set_real_ip_from: []
|
||||
|
|
|
@ -27,6 +27,11 @@ server {
|
|||
add_header Content-Security-Policy "default-src 'self' https: wss:;";
|
||||
add_header X-Frame-Options {{ keystone_x_frame_options | default ('DENY') }};
|
||||
|
||||
real_ip_header X-Forwarded-For;
|
||||
{% for ip in keystone_set_real_ip_from %}
|
||||
set_real_ip_from {{ ip }};
|
||||
{%- endfor %}
|
||||
|
||||
location / {
|
||||
try_files $uri @yourapplication;
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue