From 5374df384a032e91f09d53291c879ee19da99714 Mon Sep 17 00:00:00 2001
From: Mossroy <mossroy@mossroy.fr>
Date: Wed, 25 Oct 2023 16:23:03 +0200
Subject: Use RemoteIPInternalProxy directive of remoteip Apache module (#5740)

* Use RemoteIPInternalProxy directive of remoteip Apache module

instead of RemoteIPTrustedProxy directive

To allow internal IPs to be trusted: for internal clients,
and also for the case of chained internal reverse-proxies

Fixes #5726

* One last reference forgotten

---------

Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
---
 Docker/entrypoint.sh | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'Docker/entrypoint.sh')

diff --git a/Docker/entrypoint.sh b/Docker/entrypoint.sh
index c17d0d445..958fb4b40 100755
--- a/Docker/entrypoint.sh
+++ b/Docker/entrypoint.sh
@@ -13,11 +13,11 @@ fi
 
 if [ -n "$TRUSTED_PROXY" ]; then
 	if [ "$TRUSTED_PROXY" = "0" ]; then
-		# Disable RemoteIPHeader and RemoteIPTrustedProxy
+		# Disable RemoteIPHeader and RemoteIPInternalProxy
 		find /etc/apache2/ -type f -name FreshRSS.Apache.conf -exec sed -r -i "/^\s*RemoteIP.*$/s/^/#/" {} \;
 	else
-		# Custom list for RemoteIPTrustedProxy
-		find /etc/apache2/ -type f -name FreshRSS.Apache.conf -exec sed -r -i "\\#^\s*RemoteIPTrustedProxy#s#^.*#\tRemoteIPTrustedProxy $TRUSTED_PROXY#" {} \;
+		# Custom list for RemoteIPInternalProxy
+		find /etc/apache2/ -type f -name FreshRSS.Apache.conf -exec sed -r -i "\\#^\s*RemoteIPInternalProxy#s#^.*#\tRemoteIPInternalProxy $TRUSTED_PROXY#" {} \;
 	fi
 fi
 
-- 
cgit v1.2.3