From f9380289eb251c818e87e8f0ad0a41fc8bdd90aa Mon Sep 17 00:00:00 2001
From: minibikini <egor@kislitsyn.com>
Date: Fri, 27 Sep 2019 21:59:23 +0000
Subject: Add `remote_ip` plug

---
 config/config.exs      |  2 ++
 config/description.exs | 36 ++++++++++++++++++++++++++++++++++++
 2 files changed, 38 insertions(+)

(limited to 'config')

diff --git a/config/config.exs b/config/config.exs
index 403ade60d..36bea19a0 100644
--- a/config/config.exs
+++ b/config/config.exs
@@ -591,6 +591,8 @@ config :pleroma, :rate_limit, nil
 
 config :pleroma, Pleroma.ActivityExpiration, enabled: true
 
+config :pleroma, Pleroma.Plugs.RemoteIp, enabled: false
+
 config :pleroma, :web_cache_ttl,
   activity_pub: nil,
   activity_pub_question: 30_000
diff --git a/config/description.exs b/config/description.exs
index 38b30bbf6..4547ea368 100644
--- a/config/description.exs
+++ b/config/description.exs
@@ -2687,6 +2687,42 @@ config :pleroma, :config_description, [
       }
     ]
   },
+  %{
+    group: :pleroma,
+    key: Pleroma.Plugs.RemoteIp,
+    type: :group,
+    description: """
+    **If your instance is not behind at least one reverse proxy, you should not enable this plug.**
+
+    `Pleroma.Plugs.RemoteIp` is a shim to call [`RemoteIp`](https://git.pleroma.social/pleroma/remote_ip) but with runtime configuration.
+    """,
+    children: [
+      %{
+        key: :enabled,
+        type: :boolean,
+        description: "Enable/disable the plug. Defaults to `false`.",
+        suggestions: [true, false]
+      },
+      %{
+        key: :headers,
+        type: {:list, :string},
+        description:
+          "A list of strings naming the `req_headers` to use when deriving the `remote_ip`. Order does not matter. Defaults to `~w[forwarded x-forwarded-for x-client-ip x-real-ip]`."
+      },
+      %{
+        key: :proxies,
+        type: {:list, :string},
+        description:
+          "A list of strings in [CIDR](https://en.wikipedia.org/wiki/CIDR) notation specifying the IPs of known proxies. Defaults to `[]`."
+      },
+      %{
+        key: :reserved,
+        type: {:list, :string},
+        description:
+          "Defaults to [localhost](https://en.wikipedia.org/wiki/Localhost) and [private network](https://en.wikipedia.org/wiki/Private_network)."
+      }
+    ]
+  },
   %{
     group: :pleroma,
     key: :web_cache_ttl,
-- 
cgit v1.2.3