Dokku - get ip address of nginx reverse proxy inside container?

Question

In my ASP.NET Core server, I've have forwarding to support my OpenId Connect authentication workflow:

public void ConfigureServices(IServiceCollection services)
{
  services.Configure<ForwardedHeadersOptions>(options =>
  {
      options.ForwardedHeaders = ForwardedHeaders.XForwardedProto | ForwardedHeaders.XForwardedFor;

      // Only loopback proxies are allowed by default.
      // Clear that restriction because forwarders are enabled by explicit
      // configuration.
      options.KnownNetworks.Clear();
      options.KnownProxies.Clear();
  }
}

public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
  app.UseForwardedHeaders();
}

However, I'd like to configure KnownProxies (and KnownNetworks). Is there a way to find out the ip address of the proxy server (within the context of a container)? Is the configuration static? If not, can it be automated?

Also, is this address going to be the same thing as the Host address. I.e. would resolving the ip address to host.docker.internal help? Which doesn't seem to be an easy thing to do within a Linux environment anyway...

Also, the above code comes from this documentation. Re-reading that section, is it okay to leave the above code alone? I'm assuming that locking down to a particular proxy server would be better?

Answer 1

The container IP is ephemeral, and may change across app rebuilds or redeploys. By default, Dokku will run your app on the internal docker0 network, and the only things that can access the container are services running on the server itself, so allowing access from all network interfaces is safe.