enable XRealIP Header manually

INSTALLATION.md

@@ -212,6 +212,44 @@ server {
 }
 ```
 
+And edit the docker-compose file as follow: 
+
+```diff
+version: "3"
+
+networks:
+    birdsitelivenetwork:
+        external: false
+
+services:
+    server:
+        image: nicolasconstant/birdsitelive:latest
+        restart: always
+        container_name: birdsitelive
+        environment:
+            - Instance:Domain=domain.name
+            - Instance:AdminEmail=name@domain.ext
++           - Instance:IpWhiteListing=127.0.0.1;127.0.0.2
++           - Instance:EnableXRealIpHeader=true
+            - Db:Type=postgres
+            - Db:Host=db
+            - Db:Name=birdsitelive
+            - Db:User=birdsitelive
+            - Db:Password=birdsitelive
+            - Twitter:ConsumerKey=twitter.api.key
+            - Twitter:ConsumerSecret=twitter.api.key
+        networks:
+            - birdsitelivenetwork
+        ports:
+            - "5000:80"
+        depends_on:
+            - db
+
+    db:
+        image: postgres:9.6
+        [...]
+```
+
 ## More options 
 
 You can find more options available [here](https://github.com/NicolasConstant/BirdsiteLive/blob/master/VARIABLES.md)

VARIABLES.md

@@ -52,6 +52,7 @@ If both whitelisting and blacklisting are set, only the whitelisting will be act
 * `Instance:FailingFollowerCleanUpThreshold` (default: 30000) set the max allowed errors from a Follower (Fediverse) Account before auto-removal. (often due to account suppression, instance issues, etc)
 * `Instance:UserCacheCapacity` (default: 10000) set the caching limit of the Twitter User retrieval. Must be higher than the number of synchronized accounts on the instance.
 * `Instance:IpWhiteListing` IP Whitelisting (separated by `;`), prevent usage of the instance from other IPs than those provided (if provided).
+* `Instance:EnableXRealIpHeader` (default: false) Enable support of X-Real-IP Header to get the remote IP (useful when using reverse proxy).
 
 # Docker Compose full example
 

src/BirdsiteLive.Common/Settings/InstanceSettings.cs

@@ -17,5 +17,6 @@
 
         public int UserCacheCapacity { get; set; }
         public string IpWhiteListing { get; set; }
+        public bool EnableXRealIpHeader { get; set; }
     }
 }

src/BirdsiteLive/Middlewares/IpWhitelistingMiddleware.cs

@@ -13,6 +13,7 @@ namespace BirdsiteLive.Middlewares
     {
         private readonly RequestDelegate _next;
         private readonly ILogger<IpWhitelistingMiddleware> _logger;
+        private readonly InstanceSettings _instanceSettings;
         private readonly byte[][] _safelist;
         private readonly bool _ipWhitelistingSet;
 
@@ -34,6 +35,7 @@ namespace BirdsiteLive.Middlewares
 
             _next = next;
             _logger = logger;
+            _instanceSettings = instanceSettings;
         }
 
         public async Task Invoke(HttpContext context)
@@ -42,11 +44,15 @@ namespace BirdsiteLive.Middlewares
             {
                 var remoteIp = context.Connection.RemoteIpAddress;
 
-                var forwardedIp = context.Request.Headers.FirstOrDefault(x => x.Key == "X-Real-IP").Value.ToString();
-                if (!string.IsNullOrWhiteSpace(forwardedIp))
+                if (_instanceSettings.EnableXRealIpHeader)
                 {
-                    _logger.LogDebug("Redirected IP address detected");
-                    remoteIp = IPAddress.Parse(forwardedIp);
+                    var forwardedIp = context.Request.Headers.FirstOrDefault(x => x.Key == "X-Real-IP").Value
+                        .ToString();
+                    if (!string.IsNullOrWhiteSpace(forwardedIp))
+                    {
+                        _logger.LogDebug("Redirected IP address detected");
+                        remoteIp = IPAddress.Parse(forwardedIp);
+                    }
                 }
 
                 _logger.LogDebug("Request from Remote IP address: {RemoteIp}", remoteIp);