Infer client IP address from the peer address and the X-Forwarded-Proxy header

crates/cli/src/commands/server.rs

@@ -19,8 +19,7 @@ use clap::Parser;
 use itertools::Itertools;
 use mas_config::AppConfig;
 use mas_handlers::{
-    ActivityTracker, AppState, CookieManager, HttpClientFactory, MatrixHomeserver, MetadataCache,
-    SiteConfig,
+    ActivityTracker, CookieManager, HttpClientFactory, MatrixHomeserver, MetadataCache, SiteConfig,
 };
 use mas_listener::{server::Server, shutdown::ShutdownStream};
 use mas_matrix_synapse::SynapseConnection;
@@ -33,9 +32,12 @@ use rand::{
 use tokio::signal::unix::SignalKind;
 use tracing::{info, info_span, warn, Instrument};
 
-use crate::util::{
-    database_pool_from_config, mailer_from_config, password_manager_from_config,
-    policy_factory_from_config, register_sighup, templates_from_config,
+use crate::{
+    app_state::AppState,
+    util::{
+        database_pool_from_config, mailer_from_config, password_manager_from_config,
+        policy_factory_from_config, register_sighup, templates_from_config,
+    },
 };
 
 #[derive(Parser, Debug, Default)]
@@ -144,6 +146,7 @@ impl Options {
         // Initialize the activity tracker
         // Activity is flushed every minute
         let activity_tracker = ActivityTracker::new(pool.clone(), Duration::from_secs(60));
+        let trusted_proxies = config.http.trusted_proxies.clone();
 
         // Explicitly the config to properly zeroize secret keys
         drop(config);
@@ -169,6 +172,7 @@ impl Options {
                 password_manager,
                 site_config,
                 activity_tracker,
+                trusted_proxies,
                 conn_acquisition_histogram: None,
             };
             s.init_metrics()?;