Revert mod_remoteip support

Since using remoteip basically hides the fact that the wiki is running behind a reverse proxy, SSL autodetection no longer works (since we won't trust the X-FORWARDED-PROTO header in that case). Until we have a satisfactory solution to this issue, the change is reverted. This reverts commit b59c6af.
dokuwiki · Dec 7, 2024 · 52a48fd · 52a48fd
1 parent 90021a0
commit 52a48fd
Show file tree

Hide file tree

Showing 4 changed files with 0 additions and 12 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -11,8 +11,6 @@ ARG DOKUWIKI_VERSION=stable
 ENV PHP_UPLOADLIMIT 128M
 ENV PHP_MEMORYLIMIT 256M
 ENV PHP_TIMEZONE UTC
-ENV FORWARDING_PROXY 172.16.0.0/12
-ENV FORWARDING_HEADER X-Forwarded-For
 
 COPY root /
 RUN /bin/bash /build-setup.sh

diff --git a/README.md b/README.md
@@ -26,7 +26,6 @@ On first run, use DokuWiki's [installer](https://www.dokuwiki.org/installer) to
 ## Features
 
 * xsendfile configured and enabled
-* mod_remoteip enabled and configured to trust the standard Docker networking range
 * imagemagick installed and enabled
 * nice URLs via rewriting configured and enabled
 * farming support via the [farmer plugin](https://www.dokuwiki.org/plugin:farmer)
@@ -45,11 +44,6 @@ The container runs the standard production php.ini. Some options can be set via
 
 Custom PHP configuration values can be set in a `php.ini` file in the storage volume.
 
-The remoteip module is enabled and configured to use the `X-Forwarded-For` header and trust the standard Docker networking range. You can override both using the following environment variables:
-
-* `FORWARDING_PROXY` - The trusted proxy IP range. Default `172.16.0.0/12`
-* `FORWARDING_HEADER` - The header to trust for the client IP. Default `X-Forwarded-For`
-
 ## Permissions
 
 When the container is started without setting an explicit user id (as the compose file suggests), the image will start as

diff --git a/root/build-setup.sh b/root/build-setup.sh
@@ -15,7 +15,6 @@ a2enconf dokuwiki
 a2disconf security
 a2enmod rewrite
 a2enmod xsendfile
-a2enmod remoteip
 
 # Download DokuWiki from the official website or from GitHub
 curl --fail -L "https://download.dokuwiki.org/src/dokuwiki/dokuwiki-${DOKUWIKI_VERSION}.tgz" -o dokuwiki.tgz || \

diff --git a/root/etc/apache2/conf-available/dokuwiki.conf b/root/etc/apache2/conf-available/dokuwiki.conf
@@ -15,6 +15,3 @@ ServerTokens Prod
 ServerSignature Off
 RedirectMatch 404 /\.git
 TraceEnable Off
-
-RemoteIPInternalProxy ${FORWARDING_PROXY}
-RemoteIPHeader ${FORWARDING_HEADER}