summaryrefslogtreecommitdiff
path: root/caddyconfig/httpcaddyfile
diff options
context:
space:
mode:
authorFrancis Lavoie <lavofr@gmail.com>2023-01-10 00:08:23 -0500
committerGitHub <noreply@github.com>2023-01-10 00:08:23 -0500
commit223cbe3d0b50487117c785f0755bb80a9ee65010 (patch)
treecf673da335e7470a50a7f1709464ec3f05e67291 /caddyconfig/httpcaddyfile
parent66ce0c5c635c4ff254ccb92123711534b6461b35 (diff)
caddyhttp: Add server-level `trusted_proxies` config (#5103)
Diffstat (limited to 'caddyconfig/httpcaddyfile')
-rw-r--r--caddyconfig/httpcaddyfile/serveroptions.go11
1 files changed, 11 insertions, 0 deletions
diff --git a/caddyconfig/httpcaddyfile/serveroptions.go b/caddyconfig/httpcaddyfile/serveroptions.go
index 3e206c8..7aa0a2a 100644
--- a/caddyconfig/httpcaddyfile/serveroptions.go
+++ b/caddyconfig/httpcaddyfile/serveroptions.go
@@ -42,6 +42,7 @@ type serverOptions struct {
MaxHeaderBytes int
Protocols []string
StrictSNIHost *bool
+ TrustedProxies []string
ShouldLogCredentials bool
Metrics *caddyhttp.Metrics
}
@@ -176,6 +177,15 @@ func unmarshalCaddyfileServerOptions(d *caddyfile.Dispenser) (any, error) {
}
serverOpts.StrictSNIHost = &boolVal
+ case "trusted_proxies":
+ for d.NextArg() {
+ if d.Val() == "private_ranges" {
+ serverOpts.TrustedProxies = append(serverOpts.TrustedProxies, caddyhttp.PrivateRangesCIDR()...)
+ continue
+ }
+ serverOpts.TrustedProxies = append(serverOpts.TrustedProxies, d.Val())
+ }
+
case "metrics":
if d.NextArg() {
return nil, d.ArgErr()
@@ -269,6 +279,7 @@ func applyServerOptions(
server.MaxHeaderBytes = opts.MaxHeaderBytes
server.Protocols = opts.Protocols
server.StrictSNIHost = opts.StrictSNIHost
+ server.TrustedProxies = opts.TrustedProxies
server.Metrics = opts.Metrics
if opts.ShouldLogCredentials {
if server.Logs == nil {