There is such a configuration for nginx/1.24.0 (–with-http_realip_module) as an example of an IMAP proxy protocol. But there is a problem with getting the real IP address of the client in the nginx logs (80_access.log). And there is a problem with getting the real IP address of the client in index.php in the variable $_SERVER[“REMOTE_ADDR”].
user www;
worker_processes auto;
pid /var/run/nginx.pid;
worker_rlimit_nofile 20480;
events {
use kqueue;
worker_connections 10240;
multi_accept on;
}
http {
include /usr/local/etc/nginx/mime.types;
default_type application/octet-stream;
server_tokens off;
log_format main '$remote_addr - $remote_user [$time_local] $status "$request" $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/nginx-access.log main;
error_log /var/log/nginx/nginx-error.log warn;
keepalive_timeout 30;
keepalive_requests 200;
server {
listen 80;
server_name imap.example.com;
server_name_in_redirect on;
access_log /var/log/nginx/gatewaymail.net/imap/80_access.log common;
error_log /var/log/nginx/gatewaymail.net/imap/80_errors.log warn;
root /usr/local/www/nginx/imap;
index index.php;
location / {
}
location = /favicon.ico {
log_not_found off;
}
location ~ .php$ {
try_files $uri = 404;
fastcgi_pass unix:/var/run/imap-php8.3-fpm.sock;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
include fastcgi_params;
fastcgi_split_path_info ^(.+?.php)(/.*)?$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_script_name;
fastcgi_buffer_size 1024k;
fastcgi_buffers 4 1024k;
fastcgi_busy_buffers_size 1024k;
fastcgi_temp_file_write_size 1024k;
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
fastcgi_param SERVER_ADMIN [email protected];
fastcgi_param SERVER_SIGNATURE nginx/$nginx_version;
fastcgi_index index.php;
}
}
}
mail {
proxy_pass_error_message on;
server {
auth_http imap.example.com/index.php;
listen 143;
protocol imap;
error_log /var/log/nginx/gatewaymail.net/imap/imap_proxy_errors.log warn;
}
}
In the logs, I always see the internal or external IP of my own server depending on the configuration.
If:
server_name imap.example.com
auth_http imap.example.com/index.php
I see the external IP of my server.
If:
server_name imap;
auth_http imap/index.php;
I see the internal IP of my server.
I tried different configurations:
https://docs.nginx.com/nginx/admin-guide/load-balancer/using-proxy-protocol/
nginx mail proxy behind haproxy – get clients real ip address
real_ip_header X-Forwarded-For;
set_real_ip_from 0.0.0.0/0;
nothing helped.
I ask for help from the experts.