Thread: XBT tracker on Cloudflare
View Single Post
  #20  
Old 12th April 2021, 06:34
protocolprowler's Avatar
protocolprowler protocolprowler is offline
Member
  
Join Date: Aug 2020
Posts: 9
Default Trouble getting the real IP to XBT once proxied with NGINX
Quote:
Originally Posted by darkalchemy View Post
YMMV
Try this, it works with proxying xbt, but not tested with cloudflare:

Code:
    location ~ ^/(.*?)/announce$ {
        proxy_pass http://127.0.0.1:2710/$1/announce$is_args$args&ip=$remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Host $remote_addr;
        proxy_pass_header Content-Type;
        proxy_pass_header Content-Disposition;
        proxy_pass_header Content-Length;
        proxy_buffering off;
        proxy_buffer_size 128k;
        proxy_busy_buffers_size 256k;
        proxy_buffers 4 256k;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $http_connection;

        real_ip_recursive on;
    }
nginx variables to explain those used above. You may or may not need all of those headers.

I've been successfully using XBT on my HTTPS Apache powered site for about a year now but only running HTTP on the tracker. Decided to finally attempt securing my tracker and do have client connections working but no matter which NGINX config I try XBT still keeps getting 127.0.0.1 on all client IPs seen from my XBT debug page. Any ideas on what I'm doing wrong? My NGINX config is below. Thanks


Code:
# START REV-PROXY CONF
server {
    listen 8443 ssl http2;
    server_name tracker.example.com;

    ssl_certificate /etc/letsencrypt/live/tracker.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/tracker.example.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/tracker.example.com/chain.pem;
    include snippets/ssl.conf;

    location / {
      rewrite ^(.*)$ $1?ip=$remote_addr break;
      proxy_pass http://127.0.0.1:4000/;
      proxy_redirect     off;
      proxy_set_header   Host             $http_host;
      proxy_set_header   X-Real-IP        $remote_addr;
      proxy_set_header   X-Forwarded-For  $remote_addr;
      access_log off;
      log_not_found off;
    }
}
# END REV-PROXY CONF
Below is what I see on my XBT debug page with NGINX Rev-Proxy.

IPv4 IPv6 Port UID Seeder Modified Peer ID
127.0.0.1:: 51159 398 0 12.1 minutes

127.0.0.1:: 20035 28 1 28.0 seconds


Any and all help anyone can provide is greatly appreciated. Thanks again.
Reply With Quote