diff options
| author | 饺子w (Yumechi) <35571479+eternal-flame-AD@users.noreply.github.com> | 2025-09-22 05:45:01 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-09-22 19:45:01 +0900 |
| commit | 211365de64a603d1cf4e98ff9a9fb3398480c36c (patch) | |
| tree | 3c800837721204b6c36db9864d39567830a25b31 | |
| parent | enhance(frontend): 絵文字ピッカーのサイズをより大きくでき... (diff) | |
| download | misskey-211365de64a603d1cf4e98ff9a9fb3398480c36c.tar.gz misskey-211365de64a603d1cf4e98ff9a9fb3398480c36c.tar.bz2 misskey-211365de64a603d1cf4e98ff9a9fb3398480c36c.zip | |
enhance(backend): 設定ファイルにFastifyOptions.trustProxyを追加 (#16567)
* enhance(backend): 設定ファイルにFastifyOptions.trustProxyを追加
Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
* try harder
Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
---------
Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
| -rw-r--r-- | .config/example.yml | 10 | ||||
| -rw-r--r-- | CHANGELOG.md | 3 | ||||
| -rw-r--r-- | packages/backend/src/config.ts | 4 | ||||
| -rw-r--r-- | packages/backend/src/server/ServerService.ts | 2 |
4 files changed, 16 insertions, 3 deletions
diff --git a/.config/example.yml b/.config/example.yml index c127eaae22..489cceec34 100644 --- a/.config/example.yml +++ b/.config/example.yml @@ -105,6 +105,16 @@ port: 3000 # socket: /path/to/misskey.sock # chmodSocket: '777' +# Proxy trust settings +# +# Changes how the server interpret the origin IP of the request. +# +# Any format supported by Fastify is accepted. +# Default: trust all proxies (i.e. trustProxy: true) +# See: https://fastify.dev/docs/latest/reference/server/#trustproxy +# +# trustProxy: 1 + # ┌──────────────────────────┐ #───┘ PostgreSQL configuration └──────────────────────────────── diff --git a/CHANGELOG.md b/CHANGELOG.md index 7adb7ff748..7ceda239ef 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,8 +16,7 @@ - Fix: iOSで、デバイスがダークモードだと初回読み込み時にエラーになる問題を修正 ### Server -- - +- Enhance: ユーザーIPを確実に取得できるために設定ファイルにFastifyOptions.trustProxyを追加しました ## 2025.9.0 diff --git a/packages/backend/src/config.ts b/packages/backend/src/config.ts index f71f1d7e34..fdf6fe18e2 100644 --- a/packages/backend/src/config.ts +++ b/packages/backend/src/config.ts @@ -7,6 +7,7 @@ import * as fs from 'node:fs'; import { fileURLToPath } from 'node:url'; import { dirname, resolve } from 'node:path'; import * as yaml from 'js-yaml'; +import { type FastifyServerOptions } from 'fastify'; import type * as Sentry from '@sentry/node'; import type * as SentryVue from '@sentry/vue'; import type { RedisOptions } from 'ioredis'; @@ -27,6 +28,7 @@ type Source = { url?: string; port?: number; socket?: string; + trustProxy?: FastifyServerOptions['trustProxy']; chmodSocket?: string; disableHsts?: boolean; db: { @@ -118,6 +120,7 @@ export type Config = { url: string; port: number; socket: string | undefined; + trustProxy: FastifyServerOptions['trustProxy']; chmodSocket: string | undefined; disableHsts: boolean | undefined; db: { @@ -266,6 +269,7 @@ export function loadConfig(): Config { url: url.origin, port: config.port ?? parseInt(process.env.PORT ?? '', 10), socket: config.socket, + trustProxy: config.trustProxy, chmodSocket: config.chmodSocket, disableHsts: config.disableHsts, host, diff --git a/packages/backend/src/server/ServerService.ts b/packages/backend/src/server/ServerService.ts index 7325c53df0..1286b4dad6 100644 --- a/packages/backend/src/server/ServerService.ts +++ b/packages/backend/src/server/ServerService.ts @@ -75,7 +75,7 @@ export class ServerService implements OnApplicationShutdown { @bindThis public async launch(): Promise<void> { const fastify = Fastify({ - trustProxy: true, + trustProxy: this.config.trustProxy ?? true, logger: false, }); this.#fastify = fastify; |