Hi all, had a quick question about how to configure IP banning properly when HA is running through a Cloudflare tunnel.
I started, after establishing the tunnel, that when whatever out there on the internet fails to authenticate with the server, there will be a failed login message from 127.0.0.1. I thought this was weird at first, maybe an add-on or something was misbehaving, but then I connected to a different VPN server and purposefully failed a login - but this was also logged as 127.0.0.1! Obviously this is not very useful and makes IP banning effectively useless. How can I configure HA/Cloudflared to forward the IP of who/whatever is attempting to authenticate?
This is my IP banning config:
http:
ip_ban_enabled: true
login_attempts_threshold: 4
use_x_forwarded_for: true
trusted_proxies:
- 172.30.33.0/24