What is the nature and description of the request?

When sending Ansible Automation Platform through a proxy/load balancer client ip is not always translated correctly for log exports

Why does the customer need this?

So reliable data about logins and activity can be correctly sourced to the iP

How would you like to achieve this?

Currently it will only export nginx logs with the client ip even if an additional IP is post-pending to the log string

List any affected known dependencies: Doc, UI etc..

Controller

How to reproduce

When building a proxy via the below method the client address is post-pending to the end of the string instead of being passed at the start.

 

This is from the /etc/nginx/conf.d file

server_names_hash_bucket_size 128;

server {
    listen 4443 ssl;
    server_name servername.com;

    ssl_certificate /etc/nginx/ssl/automationplatform.crt;
    ssl_certificate_key /etc/nginx/ssl/automationplatform.key;

1.    ssl_protocols TLSv1.3;
       error_log /var/log/nginx/info.log info;

    location /

{         proxy_pass https://controller;         proxy_http_version 1.1;         proxy_set_header Host $host;         proxy_set_header X-Real-IP $remote_addr;         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #         proxy_set_header X-Forwarded-Proto $scheme;     }

}

upstream controller

{     server target.servername.com:443; }

 

 

Logs
xxx.xxx.xxx.xxx - - [13/Feb/2025:10:59:40 +0100] "GET /api/v2/settings/system/ HTTP/1.0" 200 1582 "https://automationcontroller.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" "xxx.xxx.xxx.xxx"
xxx.xxx.xxx.xxx - - [13/Feb/2025:10:59:40 +0100] "GET /api/v2/organizations/?page_size=1&role_level=execution_environment_admin_role HTTP/1.0" 200 52 "https://automationcontroller.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0" "xxx.xxx.xxx.xxx"