Hi guys, so I'm learning axum and have a lil personal website. Currently as a workaround, my program is running on port 3000 but I'm using nginx to reverse proxy the port 80 to that port. I did that because I already had TLS configured there, but that seems like not the best solution as every connection in my program is coming from 127.0.0.1, I assume that's because of the nginx forwarding.
How should I implement this in axum? Should I just make my program directly listen to port 80? But that would need to configure TLS again, what if I have multiple projects?
Why is it a problem that the connections are coming from 127.0.0.1? Regardless, if you do need your axum app to know who your clients are, the usual way is to configure Nginx to send an X-Forwarded-For or Forwarded header when forwarding requests to axum, and then use something like axum-client-ip to retrieve the value of the header.
Thanks for your reply! Didn't know the usual way was like that. Sorry for my ignorance, just thought maybe using nginx to redirect expressions to rust was doing some kind of a bottleneck or an extra step.
Didn't know even on prod there's no problem on connections comming from there! I'll use the Forwarded header if I need to then.
Thanks!
It's better not to need to; source IP address is a very unreliable indicator of anything. You especially should not use it to authorize access. The only thing that it is really important for is anti-spam, and that's a use that has collateral damage.
yep I won't be doing really important stuff with that, but as I'm starting and getting to know it, a cool idea I had is to make an interactive map of unique visitors and marking the countries and stuff!
thanks for your advice tho
