Getting real IP when using rclone behind nginx reverse proxy

What is the problem you are having with rclone?

I am not able to get real client / user ip address when using rclone with nginx as reverse proxy.

Run the command 'rclone version' and share the full output of the command.

rclone v1.58.1

  • os/version: debian 10.12 (64 bit)
  • os/kernel: 4.19.0-8-amd64 (x86_64)
  • os/type: linux
  • os/arch: amd64
  • go/version: go1.17.9
  • go/linking: static
  • go/tags: none

Which cloud storage system are you using? (eg Google Drive)

serve webdav

The command you were trying to run (eg rclone copy /tmp remote:tmp)

rclone serve webdav /home/dav/ --addr :8080 --htpasswd /home/mysuser/.config/rclone/htpasswd --vfs-cache-mode writes --vfs-read-chunk-size 128M --log-file=/var/log/userdav.log --log-l$

A log from the command with the -vv flag

2022/05/03 16:46:56 INFO  : /: 127.0.0.1:45812: Unauthorized request from bvgsdfvds
2022/05/03 16:47:05 INFO  : /: [::1]:40198: Unauthorized request from bgfxbvgs
2022/05/03 16:47:16 INFO  : /: 127.0.0.1:45816: Unauthorized request from gfewsgftesgetwgt
2022/05/03 16:47:18 INFO  : /: [::1]:40202: Unauthorized request from gtrsgts
2022/05/03 16:47:20 INFO  : /: 127.0.0.1:45820: Unauthorized request from ghrgrsgtrsgt

I expect real client's IP instead of 127.0.0.1...

That NGinx config looks incomplete.

You probably want to do something more like:

Nginx restore real IP address when behind a reverse proxy - nixCraft (cyberciti.biz)

Thanks for quick response. I will check this.

The nginx snippet I mentioned is normally working for me if I use nginx for my websites behind proxy.

I will let you know. Thanks.

And it could be the http packages we use might not support the forward proxy tags as I've seen that before as well with Plex as an example.

The http library prints the RemoteAddr from the http.Request

	// RemoteAddr allows HTTP servers and other software to record
	// the network address that sent the request, usually for
	// logging. This field is not filled in by ReadRequest and
	// has no defined format. The HTTP server in this package
	// sets RemoteAddr to an "IP:port" address before invoking a
	// handler.
	// This field is ignored by the HTTP client.
	RemoteAddr string

I suspect that is just the remote IP of the proxy.

If we wanted it to be something else then that would need a flag to configure in rclone I think, something like --http-real-ip X-Real-IP