services.oauth2-proxy.trustedProxyIP
NixOS option
List of IPs or CIDR ranges allowed to supply X-Forwarded-* headers when reverseProxy is enabled. If not set, OAuth2 Proxy preserves backwards compatibility by trusting all source IPs (0.0.0.0/0, ::/0) and logs a warning at startup. Configure this to your reverse proxy addresses to prevent forwarded header spoofing.
type: list of stringDefault
declared in: nixos/modules/services/security/oauth2-proxy.nixView source on NixOS/nixpkgs →[ ]