Merge branch '19-rate-limiting' into 'main'

fix:#19 adding cloudflare proxy ips for real ip to config for htwkalender domain

Closes #19

See merge request ekresse/htwkalender!21

reverseproxy.conf

@@ -11,6 +11,31 @@ http {
     include       mime.types;
     default_type  application/octet-stream;
 
+    # Cloudflare IP Ranges (https://www.cloudflare.com/ips/)
+    set_real_ip_from 173.245.48.0/20;
+    set_real_ip_from 103.21.244.0/22;
+    set_real_ip_from 103.22.200.0/22;
+    set_real_ip_from 103.31.4.0/22;
+    set_real_ip_from 141.101.64.0/18;
+    set_real_ip_from 108.162.192.0/18;
+    set_real_ip_from 190.93.240.0/20;
+    set_real_ip_from 188.114.96.0/20;
+    set_real_ip_from 197.234.240.0/22;
+    set_real_ip_from 198.41.128.0/17;
+    set_real_ip_from 162.158.0.0/15;
+    set_real_ip_from 104.16.0.0/13;
+    set_real_ip_from 104.24.0.0/14;
+    set_real_ip_from 172.64.0.0/13;
+    set_real_ip_from 131.0.72.0/22;
+    set_real_ip_from 2400:cb00::/32;
+    set_real_ip_from 2606:4700::/32;
+    set_real_ip_from 2803:f800::/32;
+    set_real_ip_from 2405:b500::/32;
+    set_real_ip_from 2405:8100::/32;
+    set_real_ip_from 2a06:98c0::/29;
+    set_real_ip_from 2c0f:f248::/32;
+    real_ip_header CF-Connecting-IP;
+
     access_log  /opt/bitnami/nginx/logs/proxy_access.log;
     error_log   /opt/bitnami/nginx/logs/proxy_error.log;
 
@@ -65,7 +90,8 @@ http {
 
     server {
         listen              80;
-        server_name         frontend;
+        listen              [::]:80;
+        server_name         htwekalender.de www.htwekalender.de;
 
         location /api {
             proxy_pass http://htwkalender-backend:8090;