diff options
author | Francis Lavoie <lavofr@gmail.com> | 2023-01-10 00:08:23 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-01-10 00:08:23 -0500 |
commit | 223cbe3d0b50487117c785f0755bb80a9ee65010 (patch) | |
tree | cf673da335e7470a50a7f1709464ec3f05e67291 /caddyconfig | |
parent | 66ce0c5c635c4ff254ccb92123711534b6461b35 (diff) |
caddyhttp: Add server-level `trusted_proxies` config (#5103)
Diffstat (limited to 'caddyconfig')
-rw-r--r-- | caddyconfig/httpcaddyfile/serveroptions.go | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/caddyconfig/httpcaddyfile/serveroptions.go b/caddyconfig/httpcaddyfile/serveroptions.go index 3e206c8..7aa0a2a 100644 --- a/caddyconfig/httpcaddyfile/serveroptions.go +++ b/caddyconfig/httpcaddyfile/serveroptions.go @@ -42,6 +42,7 @@ type serverOptions struct { MaxHeaderBytes int Protocols []string StrictSNIHost *bool + TrustedProxies []string ShouldLogCredentials bool Metrics *caddyhttp.Metrics } @@ -176,6 +177,15 @@ func unmarshalCaddyfileServerOptions(d *caddyfile.Dispenser) (any, error) { } serverOpts.StrictSNIHost = &boolVal + case "trusted_proxies": + for d.NextArg() { + if d.Val() == "private_ranges" { + serverOpts.TrustedProxies = append(serverOpts.TrustedProxies, caddyhttp.PrivateRangesCIDR()...) + continue + } + serverOpts.TrustedProxies = append(serverOpts.TrustedProxies, d.Val()) + } + case "metrics": if d.NextArg() { return nil, d.ArgErr() @@ -269,6 +279,7 @@ func applyServerOptions( server.MaxHeaderBytes = opts.MaxHeaderBytes server.Protocols = opts.Protocols server.StrictSNIHost = opts.StrictSNIHost + server.TrustedProxies = opts.TrustedProxies server.Metrics = opts.Metrics if opts.ShouldLogCredentials { if server.Logs == nil { |