From 490b595a01c5824ff63ffb87f0efdfca95f4bf3b Mon Sep 17 00:00:00 2001
From: Chocobozzz <me@florianbigard.com>
Date: Thu, 29 Mar 2018 10:58:24 +0200
Subject: Prevent brute force login attack

---
 support/docker/production/config/production.yaml | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'support/docker')

diff --git a/support/docker/production/config/production.yaml b/support/docker/production/config/production.yaml
index 41272ba26..7b6de32e5 100644
--- a/support/docker/production/config/production.yaml
+++ b/support/docker/production/config/production.yaml
@@ -7,6 +7,14 @@ webserver:
   hostname: undefined
   port: 443
 
+# Proxies to trust to get real client IP
+# If you run PeerTube just behind a local proxy (nginx), keep 'loopback'
+# If you run PeerTube behind a remote proxy, add the proxy IP address (or subnet)
+trust_proxy:
+  - 'loopback'
+  - 'linklocal'
+  - 'uniquelocal'
+
 # Your database name will be "peertube"+database.suffix
 database:
   hostname: 'db'
-- 
cgit v1.2.3