On Sun, Nov 15, 2015 at 10:01 AM, Johs Ensby <[email protected]> wrote: > Anyone with a better approach to this than this? > > $ sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to 5984
Technically, you need to modify your init script to let it start couchdb as root and then via chuid get it back running via couchdb user, but I didn't try this way. > I also tried an approach with Nginx forwarding everything to localhost:5984 > with the new rewrite function. > The problem here was that the IP adress of the request object got lost on its > way, so the new rewrite function would report > peer to be 127.0.0.1 If your setup proxying right, then you'll have the following directives in your conifg: proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; And then you can get peer IP address or real requested protocol via these headers. General logic of headers processing is to look for X-* headers first and then fallback to standard solutions. -- ,,,^..^,,,
