Hi,
I'm struggling to get the real IP from client in Traefik acsess log when proxyed by cloudflare to work with crowdsec.
My stack :
traefik.toml
[entryPoints.web]
address = ":80"
[entryPoints.web.http.redirections]
[entryPoints.web.http.redirections.entryPoint]
to = "websecure"
scheme = "https"
[entryPoints.web.forwardedHeaders]
trustedIPs = [
# Local IP
"127.0.0.1/32",
"172.20.0.0/24",
# Cloudflare IP 15/09/2022
"173.245.48.0/20",
"103.21.244.0/22",
"103.22.200.0/22",
"103.31.4.0/22",
"141.101.64.0/18",
"108.162.192.0/18",
"190.93.240.0/20",
"188.114.96.0/20",
"197.234.240.0/22",
"198.41.128.0/17",
"162.158.0.0/15",
"104.16.0.0/13",
"104.24.0.0/14",
"172.64.0.0/13",
"131.0.72.0/22"
]
[entryPoints.websecure]
address = ":443"
[entryPoints.websecure.http3]
advertisedPort = 443
labels :
labels:
- "traefik.enable=true"
- "traefik.http.routers.traefik.entrypoints=web,websecure"
- "traefik.http.routers.traefik.rule=Host(`proxy.${DOMAINE:?err}`)"
- "traefik.http.routers.traefik.service=api@internal"
- "traefik.http.routers.traefik.tls.certresolver=cf"
- "traefik.http.routers.traefik.tls.domains[0].main=${DOMAINE:?err}"
- "traefik.http.routers.traefik.tls.domains[0].sans=*.${DOMAINE:?err}"
- "traefik.http.routers.traefik.middlewares=authelia_2FA@file"
I've try to set few plugins like traefik-real-ip, cloudflarewarp and real-ip without success...
maybe i'm doing something wrong.
[experimental]
http3 = true
[experimental.plugins.torblock]
moduleName = "github.com/jpxd/torblock"
version = "v0.1.1"
[experimental.plugins.cloudflarewarp]
moduleName = "github.com/BetterCorp/cloudflarewarp"
version = "v1.3.1"
[experimental.plugins.real-ip]
moduleName = "github.com/Paxxs/traefik-get-real-ip"
version = "v1.0.2"
If someone experience the same and can explain me how to figure out this, i will be thanksfull
Thanks