GeoIP helm not works

Infos:

  • Used Zammad version: 6.3.1
  • Used Zammad installation type: helm
  • Operating system: EKS 1.29.3-20240605
  • Browser + version: Safari latest

I tried to set trustedProxies in Helm, but still did not work.

zammadConfig:
  nginx:
    trustedProxies:
      - "127.0.0.1"
      - "10.10.0.0/16"
      - "::1"
  railsserver:
    trustedProxies: "['127.0.0.1', '10.10.0.0/16', '172.20.0.0/16', '::1']"

How to get GeoIP working ?

Would you mind sharing where you have this UI part from? A little bit more of information would be fantastic.

it’s from chat details

and also when I open sessions

10.10.x.x is a private network address. Of course you will not receive a valid location.

yes, of course, 10.10.0.0/16 is a local VPC, but how can Zammad get an external address?

Does the user have an external ip address or is the user on the same subnet or network class like Zammad?

let me add zammad.yaml so you can understand the situation better

  • There is access via the public Internet, in that respect everything is ok
ingress:
  enabled: true
  className: nginx
  annotations:
    cert-manager.io/cluster-issuer: letsencrypt-prod-global
  hosts:
    - host: **********.com
      paths:
        - path: /
          pathType: ImplementationSpecific
  tls:
    - secretName: zammad-tls
      hosts:
        - **********.com

nodeSelector:
  node: zammad

postgresql:
  primary:
    persistence:
      storageClass: gp3
      size: 150Gi
    nodeSelector:
      node: zammad

redis:
  master:
    nodeSelector:
      node: zammad

elasticsearch:
  master:
    nodeSelector:
      node: zammad

memcached:
  nodeSelector:
    node: zammad

zammadConfig:
  nginx:
    trustedProxies:
      - "127.0.0.1"
      - "10.10.0.0/16"
      - "172.20.0.0/16"
      - "::1"
  railsserver:
    trustedProxies: "['127.0.0.1', '10.10.0.0/16', '172.20.0.0/16', '::1']"

maybe it will be useful to someone
fixed by adding to ingress-nginx

  config:
    enable-real-ip: true
    use-proxy-protocol: true

full file

controller:
  service:
    annotations:
      service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true"
      service.beta.kubernetes.io/aws-load-balancer-type: nlb
  config:
    enable-real-ip: true
    use-proxy-protocol: true

also in in LB “Traffic configuration Proxy protocol v2=On”, “Preserve client IP addresses=On”

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.