Local proxy does not support ipv6
simplysoft opened this issue · comments
When dappnode is accessible via both legacy ip (ipv4) and ip (ipv6), nginx returns forbidden error when accessed
The nginx.conf only enables local legacy ip subnet resulting in forbidden due to deny all
server {
server_name dappnode.local;
listen 80;
resolver 172.33.1.2;
allow 192.168.X.X/24;
deny all;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://my.dappnode;
}
}
https://github.com/dappnode/DNP_HTTPS/blob/master/fs_overlay/var/lib/nginx-conf/nginx.conf.erb#L120
Hi,
Thanks for the heads up. This is something that flew under our radar and we'll deal with it.
So my current idea is to just allow there all ipv4 and ipv6 private IP ranges. Any thoughts there?
Makes sense, further restricting it to the exact range that is in use will be more challenging for ipv6. An other option could be to make it configurable and offload that complexity to the user