Allow all IPs to send forwarded headers

This commit is contained in:
Jake Howard 2023-02-06 20:03:56 +00:00
parent 41a383800d
commit 378c0f9f44
Signed by: jake
GPG key ID: 57AFB45680EDD477

View file

@ -1,5 +1,3 @@
import socket
import gunicorn import gunicorn
wsgi_app = "website.wsgi:application" wsgi_app = "website.wsgi:application"
@ -9,16 +7,10 @@ preload_app = True
bind = "0.0.0.0" bind = "0.0.0.0"
max_requests = 1200 max_requests = 1200
max_requests_jitter = 100 max_requests_jitter = 100
forwarded_allow_ips = "*"
# Run an additional thread so the GIL isn't sitting completely idle # Run an additional thread so the GIL isn't sitting completely idle
threads = 2 threads = 2
# Replace gunicorn's 'Server' HTTP header # Replace gunicorn's 'Server' HTTP header
gunicorn.SERVER_SOFTWARE = gunicorn.SERVER = "Wouldn't you like to know" gunicorn.SERVER_SOFTWARE = gunicorn.SERVER = "Wouldn't you like to know"
# HACK: Allow traefik to send forwarded IPs
# CIDR isn't supported here sadly
try:
forwarded_allow_ips = socket.gethostbyname("traefik")
except socket.gaierror:
pass