enhance(backend): 設定ファイルにFastifyOptions.trustProxyを追加 (#16567)

* enhance(backend): 設定ファイルにFastifyOptions.trustProxyを追加 Signed-off-by: eternal-flame-AD <yume@yumechi.jp> * try harder Signed-off-by: eternal-flame-AD <yume@yumechi.jp> --------- Signed-off-by: eternal-flame-AD <yume@yumechi.jp>
2025-09-22 05:45:01 -05:00 · 2025-09-22 05:45:01 -05:00 · 211365de64
parent 966127c63e
commit 211365de64
4 changed files with 16 additions and 3 deletions
--- a/.config/example.yml
+++ b/.config/example.yml
@ -105,6 +105,16 @@ port: 3000
 # socket: /path/to/misskey.sock
 # chmodSocket: '777'

+# Proxy trust settings
+#
+# Changes how the server interpret the origin IP of the request.
+#
+# Any format supported by Fastify is accepted.
+# Default: trust all proxies (i.e. trustProxy: true)
+# See: https://fastify.dev/docs/latest/reference/server/#trustproxy
+#
+# trustProxy: 1
+
 #   ┌──────────────────────────┐
 #───┘ PostgreSQL configuration └────────────────────────────────

--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -16,8 +16,7 @@
 - Fix: iOSで、デバイスがダークモードだと初回読み込み時にエラーになる問題を修正

 ### Server
-
-
+- Enhance: ユーザーIPを確実に取得できるために設定ファイルにFastifyOptions.trustProxyを追加しました

 ## 2025.9.0

--- a/packages/backend/src/config.ts
+++ b/packages/backend/src/config.ts
@ -7,6 +7,7 @@ import * as fs from 'node:fs';
 import { fileURLToPath } from 'node:url';
 import { dirname, resolve } from 'node:path';
 import * as yaml from 'js-yaml';
+import { type FastifyServerOptions } from 'fastify';
 import type * as Sentry from '@sentry/node';
 import type * as SentryVue from '@sentry/vue';
 import type { RedisOptions } from 'ioredis';
@ -27,6 +28,7 @@ type Source = {
 	url?: string;
 	port?: number;
 	socket?: string;
+	trustProxy?: FastifyServerOptions['trustProxy'];
 	chmodSocket?: string;
 	disableHsts?: boolean;
 	db: {
@ -118,6 +120,7 @@ export type Config = {
 	url: string;
 	port: number;
 	socket: string | undefined;
+	trustProxy: FastifyServerOptions['trustProxy'];
 	chmodSocket: string | undefined;
 	disableHsts: boolean | undefined;
 	db: {
@ -266,6 +269,7 @@ export function loadConfig(): Config {
 		url: url.origin,
 		port: config.port ?? parseInt(process.env.PORT ?? '', 10),
 		socket: config.socket,
+		trustProxy: config.trustProxy,
 		chmodSocket: config.chmodSocket,
 		disableHsts: config.disableHsts,
 		host,
--- a/packages/backend/src/server/ServerService.ts
+++ b/packages/backend/src/server/ServerService.ts
@ -75,7 +75,7 @@ export class ServerService implements OnApplicationShutdown {
 	@bindThis
 	public async launch(): Promise<void> {
 		const fastify = Fastify({
-			trustProxy: true,
+			trustProxy: this.config.trustProxy ?? true,
 			logger: false,
 		});
 		this.#fastify = fastify;