Currently when running lightwalletd behind a nginx frontend, it only spits out YOUR SERVER's IP address at the CLI.
This feature request is to show the connecting client's IP at the CLI as well. This might not be possible when using nginx in front of lightwalletd.
Currently when running lightwalletd behind a nginx frontend, it only spits out YOUR SERVER's IP address at the CLI.
This feature request is to show the connecting client's IP at the CLI as well. This might not be possible when using nginx in front of lightwalletd.
@jahway603 you probably want to look in your nginx logs for this data, it's called X-Forwarded-For header: https://stackoverflow.com/questions/61092127/whats-the-purpose-of-setting-x-forwarded-for-header-in-nginx
So would the block in the nginx config be this then?
```
location / {
grpc_pass grpc://devo.crabdance.com:9067;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
```
@jahway603 that looks correct for this functionality.
Note, I recommend against using grcp_pass on a public facing port (devo.crabdance.com:9067), you should instead be using localhost:9067. The outside world never needs access to lightwalletd directly, only nginx should be able to access it. This means that when you start lightwalletd you bind to localhost:9067, not devo.crabdance.com:9067.
By not using localhost, you are potentially talking to lightwalled via HTTP over the open internet, which is not secure. Port 9067 should not be open to the internet on your server.
I just updated the readme to talk about this as well.
@jahway603 that looks correct for this functionality.
Note, I recommend against using grcp_pass on a public facing port (devo.crabdance.com:9067), you should instead be using localhost:9067. The outside world never needs access to lightwalletd directly, only nginx should be able to access it. This means that when you start lightwalletd you bind to localhost:9067, not devo.crabdance.com:9067.
By not using localhost, you are potentially talking to lightwalled via HTTP over the open internet, which is not secure. Port 9067 should not be open to the internet on your server.
I just updated the readme to talk about this as well.
I get the dreaded Error during startup:grpc-status: Internal, grpc-message: "Unexpected compression flag: 60" If you repeatedly run into this issue, you might have to restore your wallet from your seed phrase. error if I setup what you've mentioned with the localhost:9067, also tried with 127.0.0.1:9067 and same thing. It's only working with the full hostname, so I'm sure we can all sort out a "standard config".
I get the dreaded `Error during startup:grpc-status: Internal, grpc-message: "Unexpected compression flag: 60"
If you repeatedly run into this issue, you might have to restore your wallet from your seed phrase.` error if I setup what you've mentioned with the localhost:9067, also tried with 127.0.0.1:9067 and same thing. It's only working with the full hostname, so I'm sure we can all sort out a "standard config".
@jahway603 you are probably getting the above error because when starting lightwalletd you are binding to something other than localhost:9067 . The value of grpc_pass in nginx config must match the value of --grpc-bind-addr given to lightwalletd
@jahway603 you are probably getting the above error because when starting lightwalletd you are binding to something other than localhost:9067 . The value of grpc_pass in nginx config must match the value of --grpc-bind-addr given to lightwalletd
Currently when running lightwalletd behind a nginx frontend, it only spits out YOUR SERVER's IP address at the CLI.
This feature request is to show the connecting client's IP at the CLI as well. This might not be possible when using nginx in front of lightwalletd.
@jahway603 you probably want to look in your nginx logs for this data, it's called X-Forwarded-For header: https://stackoverflow.com/questions/61092127/whats-the-purpose-of-setting-x-forwarded-for-header-in-nginx
So would the block in the nginx config be this then?
@jahway603 that looks correct for this functionality.
Note, I recommend against using grcp_pass on a public facing port (devo.crabdance.com:9067), you should instead be using localhost:9067. The outside world never needs access to lightwalletd directly, only nginx should be able to access it. This means that when you start lightwalletd you bind to localhost:9067, not devo.crabdance.com:9067.
By not using localhost, you are potentially talking to lightwalled via HTTP over the open internet, which is not secure. Port 9067 should not be open to the internet on your server.
I just updated the readme to talk about this as well.
I get the dreaded
Error during startup:grpc-status: Internal, grpc-message: "Unexpected compression flag: 60" If you repeatedly run into this issue, you might have to restore your wallet from your seed phrase.
error if I setup what you've mentioned with the localhost:9067, also tried with 127.0.0.1:9067 and same thing. It's only working with the full hostname, so I'm sure we can all sort out a "standard config".Opened Issue #45 because of the issue of lightwalletd not working with localhost...
@jahway603 exactly what command are you using to start lightwalletd? Ideally everybody uses start.sh
@jahway603 you are probably getting the above error because when starting lightwalletd you are binding to something other than localhost:9067 . The value of grpc_pass in nginx config must match the value of --grpc-bind-addr given to lightwalletd