Getting real IP when using rclone behind nginx reverse proxy

bambita · May 3, 2022, 2:49pm

What is the problem you are having with rclone?

I am not able to get real client / user ip address when using rclone with nginx as reverse proxy.

Run the command 'rclone version' and share the full output of the command.

rclone v1.58.1

os/version: debian 10.12 (64 bit)
os/kernel: 4.19.0-8-amd64 (x86_64)
os/type: linux
os/arch: amd64
go/version: go1.17.9
go/linking: static
go/tags: none

Which cloud storage system are you using? (eg Google Drive)

serve webdav

The command you were trying to run (eg `rclone copy /tmp remote:tmp`)

rclone serve webdav /home/dav/ --addr :8080 --htpasswd /home/mysuser/.config/rclone/htpasswd --vfs-cache-mode writes --vfs-read-chunk-size 128M --log-file=/var/log/userdav.log --log-l$

A log from the command with the `-vv` flag

2022/05/03 16:46:56 INFO  : /: 127.0.0.1:45812: Unauthorized request from bvgsdfvds
2022/05/03 16:47:05 INFO  : /: [::1]:40198: Unauthorized request from bgfxbvgs
2022/05/03 16:47:16 INFO  : /: 127.0.0.1:45816: Unauthorized request from gfewsgftesgetwgt
2022/05/03 16:47:18 INFO  : /: [::1]:40202: Unauthorized request from gtrsgts
2022/05/03 16:47:20 INFO  : /: 127.0.0.1:45820: Unauthorized request from ghrgrsgtrsgt

I expect real client's IP instead of 127.0.0.1...

Animosity022 · May 3, 2022, 2:57pm

That NGinx config looks incomplete.

You probably want to do something more like:

Nginx restore real IP address when behind a reverse proxy - nixCraft (cyberciti.biz)

bambita · May 3, 2022, 3:28pm

Thanks for quick response. I will check this.

The nginx snippet I mentioned is normally working for me if I use nginx for my websites behind proxy.

I will let you know. Thanks.

Animosity022 · May 3, 2022, 3:29pm

And it could be the http packages we use might not support the forward proxy tags as I've seen that before as well with Plex as an example.

ncw · May 4, 2022, 9:53am

The http library prints the RemoteAddr from the http.Request

	// RemoteAddr allows HTTP servers and other software to record
	// the network address that sent the request, usually for
	// logging. This field is not filled in by ReadRequest and
	// has no defined format. The HTTP server in this package
	// sets RemoteAddr to an "IP:port" address before invoking a
	// handler.
	// This field is ignored by the HTTP client.
	RemoteAddr string

I suspect that is just the remote IP of the proxy.

If we wanted it to be something else then that would need a flag to configure in rclone I think, something like --http-real-ip X-Real-IP

system · June 3, 2022, 9:53am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.