selfhostblocks/_disnix/ttrss/normalize-headers.nix

{ pkgs
}:
{ debug ? false
}:

pkgs.writeText "normalize-headers.php" (''
  <?php
  
  $trustedProxies = array(
    '127.0.0.1',
    '@'
  );
  
  # phpinfo(INFO_VARIABLES);

  if (isSet($_SERVER['REMOTE_ADDR'])) {
  
    $remote = $_SERVER['REMOTE_ADDR'];
  
    $allowedHeaders = array(
      'HTTP_X_FORWARDED_FOR' => 'REMOTE_ADDR',
      'HTTP_X_REAL_IP' => 'REMOTE_HOST',
      'HTTP_X_FORWARDED_PORT' => 'REMOTE_PORT',
      'HTTP_X_FORWARDED_HTTPS' => 'HTTPS',
      'HTTP_X_FORWARDED_SERVER_ADDR' => 'SERVER_ADDR',
      'HTTP_X_FORWARDED_SERVER_NAME' => 'SERVER_NAME',
      'HTTP_X_FORWARDED_SERVER_PORT' => 'SERVER_PORT',
      'HTTP_X_FORWARDED_PREFERRED_USERNAME' => 'REMOTE_USER',
    );
  
    if(in_array($remote, $trustedProxies)) {
      foreach($allowedHeaders as $header => $serverVar) {
        if(isSet($_SERVER[$header])) {
          if(isSet($_SERVER[$serverVar])) {
            $_SERVER["ORIGINAL_$serverVar"] = $_SERVER[$serverVar];
          }
  
          $_SERVER[$serverVar] = explode(',', $_SERVER[$header], 2)[0];
        }
      }
    }
  
  }
  '' + (if !debug then "" else ''
  trigger_error(print_r($_SERVER, true), E_USER_WARNING);
  '')
)
merge config with unit for php-fpm 2023-01-15 06:51:11 +01:00			`{ pkgs`
add php config and glue caddy to ttrss 2022-09-15 05:46:14 +02:00			`}:`
merge config with unit for php-fpm 2023-01-15 06:51:11 +01:00			`{ debug ? false`
add php config and glue caddy to ttrss 2022-09-15 05:46:14 +02:00			`}:`

merge config with unit for php-fpm 2023-01-15 06:51:11 +01:00			`pkgs.writeText "normalize-headers.php" (''`
add php config and glue caddy to ttrss 2022-09-15 05:46:14 +02:00			`<?php`

			`$trustedProxies = array(`
			`'127.0.0.1',`
			`'@'`
			`);`

			`# phpinfo(INFO_VARIABLES);`
update normalize_headers to print to syslog in debug mode 2022-09-29 08:32:54 +02:00
add php config and glue caddy to ttrss 2022-09-15 05:46:14 +02:00			`if (isSet($_SERVER['REMOTE_ADDR'])) {`

			`$remote = $_SERVER['REMOTE_ADDR'];`

			`$allowedHeaders = array(`
			`'HTTP_X_FORWARDED_FOR' => 'REMOTE_ADDR',`
			`'HTTP_X_REAL_IP' => 'REMOTE_HOST',`
			`'HTTP_X_FORWARDED_PORT' => 'REMOTE_PORT',`
			`'HTTP_X_FORWARDED_HTTPS' => 'HTTPS',`
			`'HTTP_X_FORWARDED_SERVER_ADDR' => 'SERVER_ADDR',`
			`'HTTP_X_FORWARDED_SERVER_NAME' => 'SERVER_NAME',`
			`'HTTP_X_FORWARDED_SERVER_PORT' => 'SERVER_PORT',`
			`'HTTP_X_FORWARDED_PREFERRED_USERNAME' => 'REMOTE_USER',`
			`);`

			`if(in_array($remote, $trustedProxies)) {`
			`foreach($allowedHeaders as $header => $serverVar) {`
			`if(isSet($_SERVER[$header])) {`
			`if(isSet($_SERVER[$serverVar])) {`
			`$_SERVER["ORIGINAL_$serverVar"] = $_SERVER[$serverVar];`
			`}`

			`$_SERVER[$serverVar] = explode(',', $_SERVER[$header], 2)[0];`
			`}`
			`}`
			`}`

			`}`
add optional debug for normalize-headers 2022-10-26 06:59:23 +02:00			`'' + (if !debug then "" else ''`
			`trigger_error(print_r($_SERVER, true), E_USER_WARNING);`
merge config with unit for php-fpm 2023-01-15 06:51:11 +01:00			`'')`
			`)`