digitaldemocratic/dd-apps/docker/moodle
Evilham 8f5de8af6a
[network] Fix handling of forwarded headers
This fixes several issues where services would see the internal IP of
the proxy and not that of the client.

It works by first unsetting any proxy-related headers that arrive from
the internet, then setting those as seen by HAProxy's entrypoint
frontend.
And finally making sure that neither WAF when enabled nor other
HAProxy backends touch these headers, while they are actually used by
the final services.

Services affected:	Netcloud, Keycloak, Moodle
2022-12-02 06:49:56 +01:00
..
src@53d1631d2f DD education workspace 2022-07-10 12:15:47 +02:00
02-configure-moodle.sh fix config.php file permissions 2022-11-24 10:01:36 +01:00
03-plugins.sh DD education workspace 2022-07-10 12:15:47 +02:00
Dockerfile [network] Fix handling of forwarded headers 2022-12-02 06:49:56 +01:00
dd-patch [network] Fix handling of forwarded headers 2022-12-02 06:49:56 +01:00
is_moodle_ready.sh [moodle] Reduce unnecessary diff against upstream 2022-09-23 06:52:33 +02:00
moodle.yml [containers] Add healthcheck for SSO redirections 2022-09-22 11:52:15 +02:00
nginx.conf [network] Fix handling of forwarded headers 2022-12-02 06:49:56 +01:00