Skip to content
This repository has been archived by the owner on Feb 7, 2025. It is now read-only.

BetterCorp/cloudflarewarp

BranchesTags

Repository files navigation

cloudflarewarp

codecov Go Report Card Go

If Traefik is behind a Cloudflare WARP tunnel, it won't be able to get the real IP from the external client as well as other information.

This plugin solves this issue by overwriting the X-Real-IP and X-Forwarded-For with an IP from the CF-Connecting-IP header.
The real IP will be the Cf-Connecting-IP if request is come from cloudflare ( truest ip in configuration file).
The plugin also writes the CF-Visitor scheme to the X-Forwarded-Proto. (This fixes an infinite redirect issue for wordpress when using CF[443]->WARP->Traefik[80]->WP[80])

Configuration

Configuration documentation

Supported configurations per body

Setting Allowed values Required Description
trustip []string Yes IP or IP range to trust

Static

pilot:
  token: xxxx

experimental:
  plugins:
    traefik-cf-warp:
      modulename: github.com/BetterCorp/cloudflarewarp
      version: v1.0.0

Dynamic configuration

http:
  routers:
    my-router:
      rule: Path(`/whoami`)
      service: service-whoami
      entryPoints:
        - http
      middlewares:
        - cloudflarewarp

  services:
   service-whoami:
      loadBalancer:
        servers:
          - url: http://127.0.0.1:5000
  
  middlewares:
    cloudflarewarp:
      plugin:
        cloudflarewarp:
          trustip:
            - "1.1.1.1/24"

About

No description or website provided.

Topics

traefik-plugin

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

91 stars

Watchers

3 watching

Forks

9 forks
Report repository

Releases 4

v1.3.3 Latest
Sep 28, 2022
+ 3 releases

Packages

No packages published

Contributors 3

Languages