https://github.com/vincentinttsh/cloudflareip
https://github.com/vincentinttsh/cloudflareip
traefik-plugin
Last synced: 6 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/vincentinttsh/cloudflareip
- Owner: vincentinttsh
- License: mit
- Created: 2021-08-07T02:38:46.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2021-08-07T09:28:32.000Z (almost 5 years ago)
- Last Synced: 2024-06-20T15:49:07.832Z (about 2 years ago)
- Topics: traefik-plugin
- Language: Go
- Homepage:
- Size: 13.7 KB
- Stars: 3
- Watchers: 3
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# cloudflareip
[](https://codecov.io/gh/vincentinttsh/cloudflareip)
[](https://goreportcard.com/report/github.com/vincentinttsh/cloudflareip)
[](https://github.com/vincentinttsh/cloudflareip/actions/workflows/go.yml)
If Traefik is behind Cloudflare, it won't be able to get the real IP from the external client by checking the remote IP address.
This plugin solves this issue by overwriting the X-Real-IP with an IP from the Cf-Connecting-IP header. The real IP will be the Cf-Connecting-IP if request is come from cloudflare ( truest ip in configuration file).
## Configuration
## Configuration documentation
Supported configurations per body
| Setting| Allowed values | Required | Description |
| :-- | :-- | :-- | :-- |
| trustip | []string | Yes | IP or IP range to trust |
### Static
```yaml
pilot:
token: xxxx
experimental:
plugins:
traefik-real-ip:
modulename: github.com/vincentinttsh/cloudflareip
version: v1.0.0
```
### Dynamic configuration
```yaml
http:
routers:
my-router:
rule: Path(`/whoami`)
service: service-whoami
entryPoints:
- http
middlewares:
- cloudflareip
services:
service-whoami:
loadBalancer:
servers:
- url: http://127.0.0.1:5000
middlewares:
cloudflareip:
plugin:
cloudflareip:
trustip:
- "1.1.1.1/24"
```