gizmocuz wrote: ↑Monday 08 July 2024 8:50
Did you add your HAproxy IP Address in the "Trusted Networks" under Settings?
No, I don't want that at the moment. As even if you access domoticz external you will get the HAproxy IP
I think you want that
Domoticz needs to know if it can trust Proxy headers it receives. Otherwise anyone can pretend to be a proxy.
So when you add the Proxy IP address to the trusted network, domoticz will process the proxy headers. And with the proper proxy headers it will also see the real client IP and act accordingly.
One RPi with Domoticz, RFX433e, aeon labs z-wave plus stick GEN5, ha-bridge 5.4.0 for Alexa, Philips Hue Bridge, Pimoroni Automation Hat
One RPi with Pi foundation standard touch screen to display Dashticz
gizmocuz wrote: ↑Monday 08 July 2024 8:50
Did you add your HAproxy IP Address in the "Trusted Networks" under Settings?
No, I don't want that at the moment. As even if you access domoticz external you will get the HAproxy IP
I think you want that
Domoticz needs to know if it can trust Proxy headers it receives. Otherwise anyone can pretend to be a proxy.
So when you add the Proxy IP address to the trusted network, domoticz will process the proxy headers. And with the proper proxy headers it will also see the real client IP and act accordingly.
You are talking about "Trusted Networks (no username/password):" I don't wan't to set my proxy adress then everyone just bypass logon...
Raspberry PI 2 with RaZberry Controller 2016 ZWave+ and CC2531(zigbee)
Several IKEA devices/z-wave devices
Varazir wrote: ↑Thursday 15 August 2024 22:10
You are talking about "Trusted Networks (no username/password):" I don't wan't to set my proxy adress then everyone just bypass logon...
Did you test that or do you think that?
Domoticz is connected by the ip adress of the proxy, but it should see the remote addres (that is forwarded by the proxy if headers are set right), so that should not be the case.
Varazir wrote:
No, I don't want that at the moment. As even if you access domoticz external you will get the HAproxy IP
I think you want that
Domoticz needs to know if it can trust Proxy headers it receives. Otherwise anyone can pretend to be a proxy.
So when you add the Proxy IP address to the trusted network, domoticz will process the proxy headers. And with the proper proxy headers it will also see the real client IP and act accordingly.
You are talking about "Trusted Networks (no username/password):" I don't wan't to set my proxy adress then everyone just bypass logon...
When you add the Proxy IP to the Trusted list, it does NOT mean everyone will bypass the login. Give it a try and test it (I assume you are using a recent version of Domoticz).
The users that want to access domoticz through your Proxy will be checked against their real IP address and NOT the Proxy IP.
Try and test!
One RPi with Domoticz, RFX433e, aeon labs z-wave plus stick GEN5, ha-bridge 5.4.0 for Alexa, Philips Hue Bridge, Pimoroni Automation Hat
One RPi with Pi foundation standard touch screen to display Dashticz