Skip to content

How to get real IP in logs instead of bridge IP? #237

Open
Open
How to get real IP in logs instead of bridge IP?#237
@vshuraeff

Description

@vshuraeff
vshuraeff
opened on Apr 12, 2025

When installed in docker and behind some reverse proxy like nginx, container logs does not show real client IP address even if passing right headers from proxy.

server {
    listen [::]:443 ssl http2;
    listen 443 ssl http2;

    server_name {{ service_domains.passbolt.primary.fqdn }};
    ssl_certificate /etc/ssl/private/{{ service_domains.passbolt.primary.domain }}/fullchain.pem;
    ssl_certificate_key /etc/ssl/private/{{ service_domains.passbolt.primary.domain }}/private.key;

    location / {
        proxy_intercept_errors on;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Port $server_port;
        proxy_redirect off;
        proxy_buffering off;
        proxy_pass http://localhost:8000/;
    }
}

docker logs --tail 10 passbolt

172.17.0.1 - - [12/Apr/2025:16:10:57 +0000] "GET /auth/is-authenticated.json HTTP/1.0" 401 255 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36"
2025-04-12 16:10:57,476 INFO reaped unknown pid 397 (exit status 0)
2025-04-12 16:10:57,477 INFO reaped unknown pid 399 (exit status 0)
172.17.0.1 - - [12/Apr/2025:16:11:43 +0000] "GET /auth/is-authenticated.json HTTP/1.0" 401 255 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:137.0) Gecko/20100101 Firefox/137.0"
2025-04-12 16:11:43,816 INFO reaped unknown pid 420 (exit status 0)
2025-04-12 16:11:43,816 INFO reaped unknown pid 422 (exit status 0)
172.17.0.1 - - [12/Apr/2025:16:11:56 +0000] "GET /auth/is-authenticated.json HTTP/1.0" 401 255 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36"

so, I want to see real client IPs in logs, not bridge IPs.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions