diff --git a/docs/extending-overseerr/fail2ban.md b/docs/extending-overseerr/fail2ban.md index c980bf12f..14ffd974b 100644 --- a/docs/extending-overseerr/fail2ban.md +++ b/docs/extending-overseerr/fail2ban.md @@ -1,7 +1,7 @@ # Fail2ban Filter {% hint style="warning" %} -If you are running Overseerr behind a reverse proxy, make sure that the `PROXY` environment variable is set to `yes`. +If you are running Overseerr behind a reverse proxy, make sure that the **Enable Proxy Support** setting is **enabled**. {% endhint %} To use Fail2ban with Overseerr, create a new file named `overseerr.local` in your Fail2ban `filter.d` directory with the following filter definition: diff --git a/docs/getting-started/installation.md b/docs/getting-started/installation.md index 2722ae947..a7757744b 100644 --- a/docs/getting-started/installation.md +++ b/docs/getting-started/installation.md @@ -17,7 +17,6 @@ After running Overseerr for the first time, configure it by visiting the web UI docker run -d \ -e LOG_LEVEL=info \ -e TZ=Asia/Tokyo \ - -e PROXY= \ -p 5055:5055 \ -v /path/to/appdata/config:/app/config \ --restart unless-stopped \ @@ -33,7 +32,6 @@ docker run -d \ --user=[ user | user:group | uid | uid:gid | user:gid | uid:group ] \ -e LOG_LEVEL=info \ -e TZ=Asia/Tokyo \ - -e PROXY= \ -p 5055:5055 \ -v /path/to/appdata/config:/app/config \ --restart unless-stopped \ diff --git a/overseerr-api.yml b/overseerr-api.yml index 808051a16..209b5ac23 100644 --- a/overseerr-api.yml +++ b/overseerr-api.yml @@ -62,6 +62,9 @@ components: applicationUrl: type: string example: https://os.example.com + trustProxy: + type: boolean + example: true csrfProtection: type: boolean example: false diff --git a/server/index.ts b/server/index.ts index 52b0adfb1..564816826 100644 --- a/server/index.ts +++ b/server/index.ts @@ -61,7 +61,7 @@ app startJobs(); const server = express(); - if (process.env.PROXY === 'yes') { + if (settings.main.trustProxy) { server.enable('trust proxy'); } server.use(cookieParser()); diff --git a/server/lib/settings.ts b/server/lib/settings.ts index 1ec1024a6..1209ec302 100644 --- a/server/lib/settings.ts +++ b/server/lib/settings.ts @@ -54,6 +54,7 @@ export interface MainSettings { csrfProtection: boolean; defaultPermissions: number; hideAvailable: boolean; + trustProxy: boolean; } interface PublicSettings { @@ -158,9 +159,10 @@ class Settings { main: { apiKey: '', applicationUrl: '', - hideAvailable: false, csrfProtection: false, defaultPermissions: Permission.REQUEST, + hideAvailable: false, + trustProxy: false, }, plex: { name: '', diff --git a/src/components/Settings/SettingsMain.tsx b/src/components/Settings/SettingsMain.tsx index 91dcdec4b..fd7151017 100644 --- a/src/components/Settings/SettingsMain.tsx +++ b/src/components/Settings/SettingsMain.tsx @@ -30,6 +30,9 @@ const messages = defineMessages({ csrfProtection: 'Enable CSRF Protection', csrfProtectionTip: 'Sets external API access to read-only (Overseerr must be reloaded for changes to take effect)', + trustProxy: 'Enable Proxy Support', + trustProxyTip: + 'Allows Overseerr to correctly register client IP addresses behind a proxy (Overseerr must be reloaded for changes to take effect)', }); const SettingsMain: React.FC = () => { @@ -78,6 +81,7 @@ const SettingsMain: React.FC = () => { csrfProtection: data?.csrfProtection, defaultPermissions: data?.defaultPermissions ?? 0, hideAvailable: data?.hideAvailable, + trustProxy: data?.trustProxy, }} enableReinitialize onSubmit={async (values) => { @@ -87,6 +91,7 @@ const SettingsMain: React.FC = () => { csrfProtection: values.csrfProtection, defaultPermissions: values.defaultPermissions, hideAvailable: values.hideAvailable, + trustProxy: values.trustProxy, }); addToast(intl.formatMessage(messages.toastSettingsSuccess), { @@ -170,6 +175,32 @@ const SettingsMain: React.FC = () => { +
+ +
+ { + setFieldValue('trustProxy', !values.trustProxy); + }} + className="w-6 h-6 text-indigo-600 transition duration-150 ease-in-out rounded-md form-checkbox" + /> +
+