From 2486c98da7f3d4cdbb13c255530c26f30397d165 Mon Sep 17 00:00:00 2001
From: Gisle Aune <dev@gisle.me>
Date: Fri, 2 Apr 2021 15:04:28 +0200
Subject: [PATCH] add support for trustedProxy `GATEWAY` to determine
 automatically from gateway. That's useful in docker where an nginx on the
 host is not always on a known ip.

---
 server.js | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/server.js b/server.js
index 9666aed..62dbe53 100644
--- a/server.js
+++ b/server.js
@@ -28,7 +28,12 @@ lasso.configure(require("./marko-config"))
 
 // Set trusted proxy
 if (config.trustedProxy != null) {
-  if (ip.isV4Format(config.trustedProxy) || ip.isV6Format(config.trustedProxy)) {
+  if (config.trustedProxy === "GATEWAY") {
+    const ip = require("child_process").execSync("/sbin/ip route|awk '/default/ { print $3 }'").toString().trim()
+    app.set('trust proxy', ip)
+
+    console.log("Trusting proxy from default gateway", ip);
+  } else if (ip.isV4Format(config.trustedProxy) || ip.isV6Format(config.trustedProxy)) {
     app.set('trust proxy', config.trustedProxy)
 
     console.log("Trusting proxy", config.trustedProxy);
@@ -128,4 +133,4 @@ app.listen(config.port, function() {
 
 // Handle shutdown signals (Docker needs this to shutdown quickly)
 process.on('SIGINT', () => process.exit(0))
-process.on('SIGTERM', () => process.exit(0))
\ No newline at end of file
+process.on('SIGTERM', () => process.exit(0))