From 4673e3bbc9c4fcec3bf7f7c0b878fed7e96f0421 Mon Sep 17 00:00:00 2001
From: Kyle Spearrin <kspearrin@users.noreply.github.com>
Date: Thu, 13 Apr 2023 10:58:03 -0400
Subject: [PATCH] nginx preserve upstream header values, fix ip (#2847)

---
 docker-unified/nginx/proxy.conf   | 18 +++++++++++++++---
 src/Core/Utilities/CoreHelpers.cs |  5 -----
 util/Nginx/proxy.conf             | 18 +++++++++++++++---
 3 files changed, 30 insertions(+), 11 deletions(-)

diff --git a/docker-unified/nginx/proxy.conf b/docker-unified/nginx/proxy.conf
index 7e7941513..a56be6636 100644
--- a/docker-unified/nginx/proxy.conf
+++ b/docker-unified/nginx/proxy.conf
@@ -1,9 +1,21 @@
 proxy_redirect          off;
-proxy_set_header        Host              $host;
+
+map $http_host $upstream_host {
+    default "$host";
+    ~. "$http_host";
+}
+proxy_set_header        Host              $upstream_host;
+
 proxy_set_header        X-Real-IP         $remote_addr;
 proxy_set_header        X-Forwarded-For   $proxy_add_x_forwarded_for;
-proxy_set_header        X-Url-Scheme      $scheme;
-proxy_set_header        X-Forwarded-Proto $scheme;
+
+map $http_x_forwarded_proto $upstream_scheme {
+    default "$scheme";
+    ~. "$http_x_forwarded_proto";
+}
+proxy_set_header        X-Url-Scheme      $upstream_scheme;
+proxy_set_header        X-Forwarded-Proto $upstream_scheme;
+
 client_max_body_size    505m;
 client_body_buffer_size 128k;
 proxy_connect_timeout   90;
diff --git a/src/Core/Utilities/CoreHelpers.cs b/src/Core/Utilities/CoreHelpers.cs
index 27e455161..b97a2f9be 100644
--- a/src/Core/Utilities/CoreHelpers.cs
+++ b/src/Core/Utilities/CoreHelpers.cs
@@ -29,7 +29,6 @@ public static class CoreHelpers
     private static readonly DateTime _max = new DateTime(9999, 1, 1, 0, 0, 0, DateTimeKind.Utc);
     private static readonly Random _random = new Random();
     private static readonly string CloudFlareConnectingIp = "CF-Connecting-IP";
-    private static readonly string RealIp = "X-Real-IP";
 
     /// <summary>
     /// Generate sequential Guid for Sql Server.
@@ -560,10 +559,6 @@ public static class CoreHelpers
         {
             return httpContext.Request.Headers[CloudFlareConnectingIp].ToString();
         }
-        if (globalSettings.SelfHosted && httpContext.Request.Headers.ContainsKey(RealIp))
-        {
-            return httpContext.Request.Headers[RealIp].ToString();
-        }
 
         return httpContext.Connection?.RemoteIpAddress?.ToString();
     }
diff --git a/util/Nginx/proxy.conf b/util/Nginx/proxy.conf
index 7e7941513..a56be6636 100644
--- a/util/Nginx/proxy.conf
+++ b/util/Nginx/proxy.conf
@@ -1,9 +1,21 @@
 proxy_redirect          off;
-proxy_set_header        Host              $host;
+
+map $http_host $upstream_host {
+    default "$host";
+    ~. "$http_host";
+}
+proxy_set_header        Host              $upstream_host;
+
 proxy_set_header        X-Real-IP         $remote_addr;
 proxy_set_header        X-Forwarded-For   $proxy_add_x_forwarded_for;
-proxy_set_header        X-Url-Scheme      $scheme;
-proxy_set_header        X-Forwarded-Proto $scheme;
+
+map $http_x_forwarded_proto $upstream_scheme {
+    default "$scheme";
+    ~. "$http_x_forwarded_proto";
+}
+proxy_set_header        X-Url-Scheme      $upstream_scheme;
+proxy_set_header        X-Forwarded-Proto $upstream_scheme;
+
 client_max_body_size    505m;
 client_body_buffer_size 128k;
 proxy_connect_timeout   90;