From 55e7629aba03464bf4e31dd5c477cd8536a09458 Mon Sep 17 00:00:00 2001
From: Takashi Kajinami <tkajinam@redhat.com>
Date: Fri, 6 May 2022 22:45:01 +0900
Subject: [PATCH] Horizon: Enable client ip detection by X-Forwarded-For header

... so that actual client ip is logged instead of loadbalancer ip.

Depends-on: https://review.opendev.org/837504
Change-Id: I58a2290ca9362d48e4de55d1ba93834c6eb04100
---
 deployment/horizon/horizon-container-puppet.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/deployment/horizon/horizon-container-puppet.yaml b/deployment/horizon/horizon-container-puppet.yaml
index ff21178c06..aef0f1942b 100644
--- a/deployment/horizon/horizon-container-puppet.yaml
+++ b/deployment/horizon/horizon-container-puppet.yaml
@@ -210,6 +210,7 @@ outputs:
         map_merge:
         - horizon::allowed_hosts: {get_param: HorizonAllowedHosts}
           horizon::enable_secure_proxy_ssl_header: true
+          horizon::secure_proxy_addr_header: HTTP_X_FORWARDED_FOR
           horizon::disable_password_reveal: true
           horizon::enforce_password_check: true
           horizon::disallow_iframe_embed: true