From 6493911d4593f6512c9b3ff8d01bd59352348a27 Mon Sep 17 00:00:00 2001
From: TomyJan <TomyJan6@gmail.com>
Date: Sun, 13 Apr 2025 18:41:28 +0800
Subject: [PATCH] feat: separate real ip header of frontend/agent (#1057)

* test(deps): use self admin-frontend

* feat: separate real ip header of frontend/agent

* test(ci): test

* Revert "test(ci): test"

This reverts commit 1634c7e7d7bca2873c13955abb582ea88645844f.

* test(ci): test

* test(ci): test

* test(ci): test

* Revert "test(ci): test"

This reverts commit 8fce20a07e5a9503f665937337050d4373ca7e78.

* Revert "test(ci): test"

This reverts commit 3267cccbfb81776a711e8cb34e676536f0852d1c.

* Revert "test(ci): test"

This reverts commit 566660c0c6a9875864aa46537bcc6788769337eb.

* Revert "test(deps): use self admin-frontend"

This reverts commit 16a838b374ff040800b2c1c5f8e5ede577645669.
---
 cmd/dashboard/controller/setting.go | 3 ++-
 cmd/dashboard/controller/waf/waf.go | 6 +++---
 cmd/dashboard/rpc/rpc.go            | 6 +++---
 model/config.go                     | 3 ++-
 model/setting_api.go                | 3 ++-
 5 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/cmd/dashboard/controller/setting.go b/cmd/dashboard/controller/setting.go
index e509415..3e43d6e 100644
--- a/cmd/dashboard/controller/setting.go
+++ b/cmd/dashboard/controller/setting.go
@@ -101,7 +101,8 @@ func updateConfig(c *gin.Context) (any, error) {
 	singleton.Conf.DNSServers = sf.DNSServers
 	singleton.Conf.CustomCode = sf.CustomCode
 	singleton.Conf.CustomCodeDashboard = sf.CustomCodeDashboard
-	singleton.Conf.RealIPHeader = sf.RealIPHeader
+	singleton.Conf.WebRealIPHeader = sf.WebRealIPHeader
+	singleton.Conf.AgentRealIPHeader = sf.AgentRealIPHeader
 	singleton.Conf.AgentTLS = sf.AgentTLS
 	singleton.Conf.UserTemplate = sf.UserTemplate
 
diff --git a/cmd/dashboard/controller/waf/waf.go b/cmd/dashboard/controller/waf/waf.go
index 91fb0a4..bcf59dd 100644
--- a/cmd/dashboard/controller/waf/waf.go
+++ b/cmd/dashboard/controller/waf/waf.go
@@ -16,18 +16,18 @@ import (
 var errorPageTemplate string
 
 func RealIp(c *gin.Context) {
-	if singleton.Conf.RealIPHeader == "" {
+	if singleton.Conf.WebRealIPHeader == "" {
 		c.Next()
 		return
 	}
 
-	if singleton.Conf.RealIPHeader == model.ConfigUsePeerIP {
+	if singleton.Conf.WebRealIPHeader == model.ConfigUsePeerIP {
 		c.Set(model.CtxKeyRealIPStr, c.RemoteIP())
 		c.Next()
 		return
 	}
 
-	vals := c.Request.Header.Get(singleton.Conf.RealIPHeader)
+	vals := c.Request.Header.Get(singleton.Conf.WebRealIPHeader)
 	if vals == "" {
 		c.AbortWithStatusJSON(http.StatusOK, model.CommonResponse[any]{Success: false, Error: "real ip header not found"})
 		return
diff --git a/cmd/dashboard/rpc/rpc.go b/cmd/dashboard/rpc/rpc.go
index 215b959..95240ba 100644
--- a/cmd/dashboard/rpc/rpc.go
+++ b/cmd/dashboard/rpc/rpc.go
@@ -47,16 +47,16 @@ func getRealIp(ctx context.Context, req any, info *grpc.UnaryServerInfo, handler
 	}
 	ctx = context.WithValue(ctx, model.CtxKeyConnectingIP{}, connectingIp)
 
-	if singleton.Conf.RealIPHeader == "" {
+	if singleton.Conf.AgentRealIPHeader == "" {
 		return handler(ctx, req)
 	}
 
-	if singleton.Conf.RealIPHeader == model.ConfigUsePeerIP {
+	if singleton.Conf.AgentRealIPHeader == model.ConfigUsePeerIP {
 		if connectingIp == "" {
 			return nil, fmt.Errorf("connecting ip not found")
 		}
 	} else {
-		vals := metadata.ValueFromIncomingContext(ctx, singleton.Conf.RealIPHeader)
+		vals := metadata.ValueFromIncomingContext(ctx, singleton.Conf.AgentRealIPHeader)
 		if len(vals) == 0 {
 			return nil, fmt.Errorf("real ip header not found")
 		}
diff --git a/model/config.go b/model/config.go
index a5ac08e..a10d57f 100644
--- a/model/config.go
+++ b/model/config.go
@@ -32,7 +32,8 @@ type ConfigDashboard struct {
 	InstallHost string `koanf:"install_host" json:"install_host,omitempty"`
 	AgentTLS    bool   `koanf:"tls" json:"tls,omitempty"` // 用于前端判断生成的安装命令是否启用 TLS
 
-	RealIPHeader  string `koanf:"real_ip_header" json:"real_ip_header,omitempty"` // 真实IP
+	WebRealIPHeader  string `koanf:"web_real_ip_header" json:"web_real_ip_header,omitempty"` // 前端真实IP
+	AgentRealIPHeader  string `koanf:"agent_real_ip_header" json:"agent_real_ip_header,omitempty"` // Agent真实IP
 	UserTemplate  string `koanf:"user_template" json:"user_template,omitempty"`
 	AdminTemplate string `koanf:"admin_template" json:"admin_template,omitempty"`
 
diff --git a/model/setting_api.go b/model/setting_api.go
index 000c28b..5cef3af 100644
--- a/model/setting_api.go
+++ b/model/setting_api.go
@@ -10,7 +10,8 @@ type SettingForm struct {
 	InstallHost                 string `json:"install_host,omitempty" validate:"optional"`
 	CustomCode                  string `json:"custom_code,omitempty" validate:"optional"`
 	CustomCodeDashboard         string `json:"custom_code_dashboard,omitempty" validate:"optional"`
-	RealIPHeader                string `json:"real_ip_header,omitempty" validate:"optional"` // 真实IP
+	WebRealIPHeader                string `json:"web_real_ip_header,omitempty" validate:"optional"` // 前端真实IP
+	AgentRealIPHeader                string `json:"agent_real_ip_header,omitempty" validate:"optional"` // Agent真实IP
 	UserTemplate                string `json:"user_template,omitempty" validate:"optional"`
 
 	AgentTLS                    bool `json:"tls,omitempty" validate:"optional"`