From f2cfd37a37264c91def748ac8183be62d6cc86f5 Mon Sep 17 00:00:00 2001
From: rjshrjndrn <rjshrjndrn@gmail.com>
Date: Tue, 15 Feb 2022 18:19:54 +0100
Subject: [PATCH] chore(nginx): precedence x-forward-for ip for geo location
 tagging

Signed-off-by: rjshrjndrn <rjshrjndrn@gmail.com>
---
 .../nginx-ingress/templates/configMap.yaml    | 12 +++++++----
 .../charts/nginx-ingress/values.yaml          | 20 +++++++++++++++++++
 2 files changed, 28 insertions(+), 4 deletions(-)

diff --git a/scripts/helmcharts/openreplay/charts/nginx-ingress/templates/configMap.yaml b/scripts/helmcharts/openreplay/charts/nginx-ingress/templates/configMap.yaml
index baba2f5e0..f5b7699cd 100644
--- a/scripts/helmcharts/openreplay/charts/nginx-ingress/templates/configMap.yaml
+++ b/scripts/helmcharts/openreplay/charts/nginx-ingress/templates/configMap.yaml
@@ -13,7 +13,7 @@ data:
     }
     location ~ ^/(mobs|sessions-assets|frontend|static|sourcemaps|ios-images)/ {
       proxy_set_header X-Real-IP $remote_addr;
-      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header X-Forwarded-For $origin_forwarded_ip;
       proxy_set_header X-Forwarded-Proto $scheme;
       proxy_set_header Host $http_host;
 
@@ -38,7 +38,7 @@ data:
       proxy_http_version 1.1;
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection "Upgrade";
-      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header X-Forwarded-For $origin_forwarded_ip;
       proxy_set_header X-Forwarded-Host $real_ip;
       proxy_set_header X-Real-IP $real_ip;
       proxy_set_header Host $host;
@@ -71,7 +71,7 @@ data:
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection "Upgrade";
       proxy_set_header Host $host;
-      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header X-Forwarded-For $origin_forwarded_ip;
       proxy_pass http://utilities-openreplay.app.svc.cluster.local:9000;
     }
     location /ws-assist/ {
@@ -80,7 +80,7 @@ data:
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection "Upgrade";
       proxy_set_header Host $host;
-      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header X-Forwarded-For $origin_forwarded_ip;
       proxy_set_header X-Real-IP $real_ip;
       proxy_pass http://utilities-openreplay.app.svc.cluster.local:9001;
     }
@@ -151,6 +151,10 @@ data:
       default $http_x_forwarded_proto;
       '' $scheme;
     }
+    map $http_x_forwarded_for $origin_forwarded_ip {
+      default $http_x_forwarded_for;
+      '' $remote_addr;
+    }
     # Default server for helath check
     server {
       listen 80 default_server;
diff --git a/scripts/helmcharts/openreplay/charts/nginx-ingress/values.yaml b/scripts/helmcharts/openreplay/charts/nginx-ingress/values.yaml
index 821ad9e3c..43d6d3eae 100644
--- a/scripts/helmcharts/openreplay/charts/nginx-ingress/values.yaml
+++ b/scripts/helmcharts/openreplay/charts/nginx-ingress/values.yaml
@@ -84,3 +84,23 @@ nodeSelector: {}
 tolerations: []
 
 affinity: {}
+
+healthProbes:
+  livenessProbe:
+    failureThreshold: 3
+    httpGet:
+      path: /healthz
+      port: http
+      scheme: HTTP
+    periodSeconds: 10
+    successThreshold: 1
+    timeoutSeconds: 5
+  readinessProbe:
+    failureThreshold: 3
+    httpGet:
+      path: /healthz
+      port: http
+      scheme: HTTP
+    periodSeconds: 10
+    successThreshold: 1
+    timeoutSeconds: 5