I followed the documentation for swag and installed this container and mariadb plus dropped wordpress tar. Everything works, except I am unable to block access to wp-admin folder based on the Client IP. My client IP is always the swag container IP. I do not use the proxy solution. How can I fix this?
how are you serving the wordpress site? you say you’re not proxying it which i suppose means you creating a new site-conf file to serve it? did you include all the includes from the default?
All I did was:
wget https://wordpress.org/latest.tar.gz
#tar xvf latest.tar.gz -C /home/joe/volumes/swag/www/wordpress/
made change into the default file here:
/home/joe/volumes/swag/nginx/site-confs
root /config/www/wordpress;
And everything works, only Client IP is always the IP of the SWAG container, internal IP( 10.89.0.3).
Are you seeing any errors in your logs about out of date files?
I have the same setup as you (more or less) and i can see my ipv4 and ipv6 properly in logs. the logins shown below are all from me, internal to my network.
I am looking at the access log on nginx and no matter where the user/client is coming from I get the nginx IP as Client IP.
Actually it is the SWAG container IP.
At this point, you’ll need to provide your compose for swag and docker logs. Please also provide what the docker host is (arm/amd64/etc)
I can’t reproduce your behavior
Just a couple clarifications. I am using podman and podman-compose. The OS is Fedora Server 35. See bellow CPU:
processor : 3
vendor_id : GenuineIntel
cpu family : 6
model : 158
model name : Intel(R) Core™ i5-7500 CPU @ 3.40GHz
stepping : 9
microcode : 0xec
cpu MHz : 3400.000
cache size : 6144 KB
I will collect logs and provide them latter.
We do not support deploying our containers via podman, we also do not test on redhat derivatives. My suggestion to you would be to 1) determine how to ensure selinux isn’t causing any issues and 2) try to reproduce the issue using docker and docker-compose.