Tomcat10-RemoteIP-Handling
- FEATURE: implemented proxyiphandler function that defines docker networks based on container IP configuration as "InternalProxies" regarding X-Forwarded-For in tomcat10 server.xml
- FEATURE: implemented proxyiphandler function that works with static defined IP's in env / values.yaml as "InternalProxies" regarding X-Forwarded-For in tomcat10 server.xml
- FEATURE: implemented default values (internal Networks: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) as "InternalProxies" regarding X-Forwarded-For in tomcat10 server.xml
- FEATURE: added bash aliases and ip debian packages inside image (see #1 (closed))
- FEATURE: integrated new proxyiphandler example in docker-compose files
- IMPROVEMENT: added several comments and improved some code styles in entrypoint
- BUGFIX: fixed user rights for
/etc/tomcat10/recursively - ENHANCEMENT: added standalone idp+mariadb (and mfa -> not tested yet) helm charts
build based on this baseimage: https://jenkins.daasi.int/view/Modular-Build-Services/job/IDP/job/daasi-idp_docker_build_and_deploy/48/ deployed & tested on docker3.daasi.de with DAASI IDP Configuration: https://idp2.daasi.de/idp/status
New pipeline runs (19.07.2024):
both successfully deployed on:
Docker (on docker3.daasi.de) -> https://idp2.daasi.de/idp/status
K8s (on test-cluster-pascal | IONOS) -> https://idp-test.k8s.daasi.de/idp/status
Note: If the RemoteIP-Handling won't work, the access to the status page (from DAASI Net) is not possible because of x-forwarded-for doesn't work as expected and you recieve an access denied. If the status page will displayed, the remote IP-Handler works as expected.
Edited by Pascal König