Forward real IP through Haproxy => Nginx => Unicorn
Posted
by
Hendrik
on Server Fault
See other posts from Server Fault
or by Hendrik
Published on 2012-07-11T11:20:00Z
Indexed on
2012/07/11
15:17 UTC
Read the original article
Hit count: 326
How do I forward the real visitors ip adress to Unicorn? The current setup is:
Haproxy => Nginx => Unicorn
- How can I forward the real IP address from Haproxy, to Nginx, to Unicorn? Currently it is always only 127.0.0.1
- I read that the X headers are going to be depreceated. http://tools.ietf.org/html/rfc6648 - how will this impact us?
Haproxy Config:
# haproxy config
defaults
log global
mode http
option httplog
option dontlognull
option httpclose
retries 3
option redispatch
maxconn 2000
contimeout 5000
clitimeout 50000
srvtimeout 50000
# Rails Backend
backend deployer-production
reqrep ^([^\ ]*)\ /api/(.*) \1\ /\2
balance roundrobin
server deployer-production localhost:9000 check
Nginx Config:
upstream unicorn-production {
server unix:/tmp/unicorn.ordify-backend-production.sock fail_timeout=0;
}
server {
listen 9000 default;
server_name manager.ordify.localhost;
root /home/deployer/apps/ordify-backend-production/current/public;
access_log /var/log/nginx/ordify-backend-production_access.log;
rewrite_log on;
try_files $uri/index.html $uri @unicorn;
location @unicorn {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_redirect off;
proxy_pass http://unicorn-production;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 4G;
keepalive_timeout 10;
}
© Server Fault or respective owner