I'm having issues getting a x-forwarded-for IP address from Traefik. I have a Nextcloud instance setup but its reporting that my reverse proxy header is not configured right. I can see in v1 where "useXForwardedFor" was an option for the entrypoints. but I cannot figure out how that translates to v2s model. below is the relevant sections of my configuration files.
In this example, 10.0.0.14 is a web server that responds to foo.bar and www.foo.bar, and data.foo.bar is my nexcloud instance n 10.0.0.3. I added the stsSeconds header and that cleared one alert i was having in Nextcloud, so I think I'm on the right track. My Traefik server is NOT behind another reverse proxy of any sort, its facing the public internet.
traefik.toml (Truncated):
[entryPoints]
[entryPoints.web]
address = ":80"
[entryPoints.websecure]
address = ":443"
[certificatesResolvers.foobar.acme]
email = "foobar@foobar.com"
storage = "/root/acme.json"
[certificatesResolvers.foobar.acme.dnsChallenge]
provider = "cloudflare"
delayBeforeCheck = 0
[providers]
[providers.file]
filename="/config/dynamic_conf.toml"
dynamic_conf.toml:
[http]
[http.routers]
[http.routers.redirecttohttps]
entryPoints = ["web"]
middlewares = ["httpsredirect"]
rule = "HostRegexp(`{host:.+}`)"
service = "noop"
[http.routers.web]
rule = "Host(`foo.bar`) || Host(`www.foo.bar`)"
service = "web"
[http.routers.web.tls]
certResolver = "foobar"
[http.routers.data]
middlewares = ["headermods"]
rule = "Host(`data.foo.bar`)"
service = "data"
[http.routers.data.tls]
certResolver = "foobar"
[http.middlewares]
[http.middlewares.httpsredirect.redirectScheme]
scheme = "https"
[http.middlewares.headermods.headers]
stsSeconds = 15552000
hostsProxyHeaders = ["X-Forwarded-For"]
[http.services]
[http.services.noop.loadBalancer]
[[http.services.noop.loadBalancer.servers]]
url = "http://1.1.1.1"
[http.services.web.loadBalancer]
[[http.services.web.loadBalancer.servers]]
url = "http://10.0.0.14"
[http.services.data.loadBalancer]
[[http.services.data.loadBalancer.servers]]
url = "http://10.0.0.5"