How to set proxy ip in PHP container

I am running a Shopware container based on a php:7.2-apache. Shopware is a Symfony application and needs some configuration to run behind a proxy:
shopware index.php
symphony setTrustedHosts()

I need to set $_SERVER['TRUSTED_PROXIES'] or $_ENV['TRUSTED_PROXIES'] in my container and add the traefik proxy ip. It was no problem to set it manually in a .env file. But after a docker/host restart the local proxy ip changed and my Shopware instance was not reachable any more.

Is there a way I can set the proxy ip to my Shopware container dynamically? Maybe with command property in my compose file? This is my docker-compose.yml:

version: "3"
services:
  swag:
    build:
      context: .
      dockerfile: Dockerfile
    image: swag-prod
    container_name: swag-shop
    restart: unless-stopped
    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=traefik_default"
      - "traefik.http.routers.swag.rule=Host(`swag.domain.de`)"
      - "traefik.http.routers.swag.entrypoints=websecure"
      - "traefik.http.routers.swag.tls.certresolver=httpchallenge"
    volumes:
      - "./html:/var/www/html"
      - "./000-default.conf:/etc/apache2/sites-available/000-default.conf"
    networks:
      - default
      - traefik
  [...]

Thx and regards, Dan

Hi @dan, FYI your question is not really related to Traefik, but more to general Docker network management.

I see 2 ways of solving that (I'm sure there are plenty of others: others users might have smarter solutions than mine):

• "Dynamic" way, assuming the IP of Traefik can change at any time and accepting this fact. It means that you want your Symfony application to get this IP at startup. If you have a shell script running at the startup of the Symfony docker image, you can use Docker's internal DNS to retrieve one time the IP of Traefik. With a configuration like this:

version: '3'

services:
  proxy:
    image: traefik:v2.0
    command:
      - --providers.docker=true
    ports:
      - "80:80"
    volumes:
      - "/var/run/docker.sock:/var/run/docker.sock:ro"
  web:
    image: nginx:alpine

you can try to run a nslookup proxy command in the container web to retrieve the IP of Traefik: it will request the DNS server of the associated private network (which nginx and traefik services are part of).
In a shell script, it would look like this:

TRAEFIK_IP="$(nslookup proxy 2>&1 | grep 'Address' | awk '{print $3}')"

• Static solution: consider that the IP of Traefik must be fixed. You can specify static IP in docker-compose file for a given service: https://docs.docker.com/compose/compose-file/#ipv4_address-ipv6_address . So this IP can be specified to your Symfony application.

WDYT?

@dduportal thank you very much for you detailed answer. I think I will try your first sollution setting it dynamically.

UPDATE
thx again @dduportal, you pointed me in the right direction.
I ended up using the command property in my docker-compose file. With some modifications of your grep and awk commands I was able to set the right IP to my .env file. On every (re)start of my container, the traefik IP is set

version: "3"
services:
  swag:
    [...]
    command: /bin/bash -c "sed -i 's/TRUSTED_PROXIES=.*/TRUSTED_PROXIES='$$(nslookup traefik 2>&1 | grep 'Address' | tail -n1 | awk '{print $$2}')'/' /var/www/html/.env && apache2-foreground"
    [...]

annotations:
$ needs to be escaped with $$ in docker-compose yaml files
$(nslookup traefik 2>&1: traefik is the name of my traefik proxy container
apache2-foreground is the inital command executed by php:7.2-apache and needs to run afterwards
nslookup is only availible in php:7.2-apache image if you install dnsutils inside your container or (better) add it to your Dockerfile...