- Used Zammad version: 5.3.0
- Used Zammad installation type: docker-compose with Traefik as reverse proxy
- Operating system: Debian
- Browser + version: Librewolf / Chromium
Zammad shows in Sessions and e.g. mails for new logins the real user IP and not the IP of the reverse proxy.
The IP of the reverse proxy is shown.
This topic isn’t new I know and the reason for made nginx X-Forwarded-Proto scheme & rails trusted proxies configurable by monotek · Pull Request #166 · zammad/zammad-docker-compose · GitHub, also in this community is a bunch of topics regarding it but I tried everything mentioned there.
The skeleton required is IMO
services: zammad-init: environment: - RAILS_TRUSTED_PROXIES=['127.0.0.1', '::1'] zammad-nginx: environment: - VIRTUAL_HOST=helpdesk.domain.tld - NGINX_SERVER_SCHEME=https
Only when I add in the
RAILS_TRUSTED_PROXIES the actual IP address of the reverse proxy (currently
'192.168.192.2'), the client IP is used as expected. But this local IP is of the docker network and can change every know and then so this isn’t a solution here. I tried to add
'traefik' as mentioned in CSRF token verification failed · Issue #2829 · zammad/zammad · GitHub but this didn’t help but would be the solution IMO.
I also added the
X-Forwarded-Proto header to Traefik as a test but that didn’t help either.
Do you have a hint to solve or further troubleshoot this issue?