enable mod_remoteip. fixes #21

Dockerfile

@@ -11,6 +11,8 @@ ARG DOKUWIKI_VERSION=stable
 ENV PHP_UPLOADLIMIT 128M
 ENV PHP_MEMORYLIMIT 256M
 ENV PHP_TIMEZONE UTC
+ENV FORWARDING_PROXY 172.16.0.0/12
+ENV FORWARDING_HEADER X-Forwarded-For
 
 COPY root /
 RUN /bin/bash /build-setup.sh

README.md

@@ -26,6 +26,7 @@ On first run, use DokuWiki's [installer](https://www.dokuwiki.org/installer) to
 ## Features
 
 * xsendfile configured and enabled
+* mod_remoteip enabled and configured to trust the standard Docker networking range
 * imagemagick installed and enabled
 * nice URLs via rewriting configured and enabled
 * farming support via the [farmer plugin](https://www.dokuwiki.org/plugin:farmer)
@@ -44,6 +45,11 @@ The container runs the standard production php.ini. Some options can be set via
 
 Custom PHP configuration values can be set in a `php.ini` file in the storage volume.
 
+The remoteip module is enabled and configured to use the `X-Forwarded-For` header and trust the standard Docker networking range. You can override both using the following environment variables:
+
+* `FORWARDING_PROXY` - The trusted proxy IP range. Default `172.16.0.0/12`
+* `FORWARDING_HEADER` - The header to trust for the client IP. Default `X-Forwarded-For`
+
 ## Permissions
 
 When the container is started without setting an explicit user id (as the compose file suggests), the image will start as

root/build-setup.sh

@@ -15,6 +15,7 @@ a2enconf dokuwiki
 a2disconf security
 a2enmod rewrite
 a2enmod xsendfile
+a2enmod remoteip
 
 # Download DokuWiki from the official website or from GitHub
 curl --fail -L "https://download.dokuwiki.org/src/dokuwiki/dokuwiki-${DOKUWIKI_VERSION}.tgz" -o dokuwiki.tgz || \

root/etc/apache2/conf-available/dokuwiki.conf

@@ -15,3 +15,6 @@ ServerTokens Prod
 ServerSignature Off
 RedirectMatch 404 /\.git
 TraceEnable Off
+
+RemoteIPInternalProxy ${FORWARDING_PROXY}
+RemoteIPHeader ${FORWARDING_HEADER}