CalvinBackup/notesnook-sync-server_customPrivateV1
1
0
Fork 0
mirror of https://github.com/streetwriters/notesnook-sync-server.git synced 2026-02-12 11:12:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

global: add support for specifying known proxies (#63)

Browse Source 
* Add KNOWN_PROXIES

* Add known proxy setup in Startup.cs

Refactor forwarded headers configuration to use a variable for options.

* Document KNOWN_PROXIES in .env file

Added documentation for KNOWN_PROXIES environment variable

* Clean up

Restored license comments and formatting in Constants.cs.

* Apply suggestion from @thecodrr

* Added KnownProxies functionality at Streetwriters.Common level

---------

Co-authored-by: Abdullah Atta <thecodrr@protonmail.com>
This commit is contained in:
Tate M Walker
2025-10-29 00:14:49 -05:00
committed by GitHub
parent ab9efaea7f
commit dd05c55875
6 changed files with 39 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.env
View File

@@ -46,6 +46,11 @@ TWILIO_SERVICE_SID=
# Example: https://app.notesnook.com,http://localhost:3000
NOTESNOOK_CORS_ORIGINS=
# Description: Add known proxies for incoming HTTP requests
# Required: no
# Example: 192.168.1.2,192.168.1.3
KNOWN_PROXIES=
# Description: This is the public URL for the web app, and is used by the backend for creating redirect URLs (e.g. after email confirmation etc).
# Note: the URL has no slashes at the end
# Required: yes

8
Notesnook.API/Startup.cs
View File

@@ -251,13 +251,7 @@ namespace Notesnook.API
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (!env.IsDevelopment())
{
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});
}
app.UseForwardedHeadersWithKnownProxies(env);
app.UseOpenTelemetryPrometheusScrapingEndpoint((context) => context.Request.Path == "/metrics" && context.Connection.LocalPort == 5067);
app.UseResponseCompression();

4
Streetwriters.Common/Constants.cs
View File

@@ -57,6 +57,7 @@ namespace Streetwriters.Common
public static string? NOTESNOOK_SERVER_HOST => Environment.GetEnvironmentVariable("NOTESNOOK_SERVER_HOST");
public static string? NOTESNOOK_CERT_PATH => Environment.GetEnvironmentVariable("NOTESNOOK_CERT_PATH");
public static string? NOTESNOOK_CERT_KEY_PATH => Environment.GetEnvironmentVariable("NOTESNOOK_CERT_KEY_PATH");
public static string[] KNOWN_PROXIES => (Environment.GetEnvironmentVariable("KNOWN_PROXIES") ?? "").Split(',', StringSplitOptions.RemoveEmptyEntries | StringSplitOptions.TrimEntries);
public static int IDENTITY_SERVER_PORT => int.Parse(Environment.GetEnvironmentVariable("IDENTITY_SERVER_PORT") ?? "80");
public static string? IDENTITY_SERVER_HOST => Environment.GetEnvironmentVariable("IDENTITY_SERVER_HOST");
@@ -79,4 +80,5 @@ namespace Streetwriters.Common
public static string? SUBSCRIPTIONS_CERT_KEY_PATH => Environment.GetEnvironmentVariable("SUBSCRIPTIONS_CERT_KEY_PATH");
public static string[] NOTESNOOK_CORS_ORIGINS => Environment.GetEnvironmentVariable("NOTESNOOK_CORS")?.Split(",") ?? new string[] { };
}
}
}

28
Streetwriters.Common/Extensions/AppBuilderExtensions.cs
View File

@@ -19,9 +19,12 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
using System;
using System.Collections.Generic;
using System.Net;
using System.Text.Json;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.HttpOverrides;
using Microsoft.Extensions.DependencyInjection;
using WampSharp.AspNetCore.WebSockets.Server;
using WampSharp.Binding;
@@ -82,5 +85,30 @@ namespace Streetwriters.Common.Extensions
return scope.ServiceProvider.GetRequiredService<T>();
}
}
public static IApplicationBuilder UseForwardedHeadersWithKnownProxies(this IApplicationBuilder app, IWebHostEnvironment env, string forwardedForHeaderName = null)
{
if (!env.IsDevelopment())
{
var forwardedHeadersOptions = new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
};
if (!string.IsNullOrEmpty(forwardedForHeaderName))
{
forwardedHeadersOptions.ForwardedForHeaderName = forwardedForHeaderName;
}
foreach (var proxy in Constants.KNOWN_PROXIES)
{
forwardedHeadersOptions.KnownProxies.Add(IPAddress.Parse(proxy));
}
app.UseForwardedHeaders(forwardedHeadersOptions);
}
return app;
}
}
}

9
Streetwriters.Identity/Startup.cs
View File

@@ -212,14 +212,7 @@ namespace Streetwriters.Identity
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (!env.IsDevelopment())
{
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedForHeaderName = "CF-Connecting-IP",
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});
}
app.UseForwardedHeadersWithKnownProxies(env, "CF-Connecting-IP");
app.UseCors("notesnook");
app.UseVersion(Servers.IdentityServer);

8
Streetwriters.Messenger/Startup.cs
View File

@@ -94,13 +94,7 @@ namespace Streetwriters.Messenger
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (!env.IsDevelopment())
{
app.UseForwardedHeaders(new ForwardedHeadersOptions
{
ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto
});
}
app.UseForwardedHeadersWithKnownProxies(env);
app.UseCors("notesnook");
app.UseVersion(Servers.MessengerServer);