feat: configurable trusted proxies for web requests

config/initializers/trusted_proxies.rb

@@ -1,15 +1,10 @@
 # frozen_string_literal: true
 
-module Rack
-  class Request
-
-    module Helpers
-
-      def trusted_proxy?(ip)
-        ip =~ /^127\.0\.0\.1$|^localhost$|^unix$$/i
-      end
-
-    end
-
-  end
+Rack::Request.ip_filter = lambda { |ip|
+  if Postal::Config.postal.trusted_proxies.any? { |net| net.include?(ip) } ||
+     ip.match(/\A127\.0\.0\.1\Z|\A::1\Z|\Afd[0-9a-f]{2}:.+|\Alocalhost\Z|\Aunix\Z|\Aunix:/i)
+    true
+  else
+    false
   end
+}

doc/config/environment-variables.md

@@ -17,6 +17,7 @@ This document contains all the environment variables which are available for thi
 | `POSTAL_USE_RESENT_SENDER_HEADER` | Boolean | Append a Resend-Sender header to all outgoing e-mails | true |
 | `POSTAL_SIGNING_KEY_PATH` | String | Path to the private key used for signing | config/postal/signing.key |
 | `POSTAL_SMTP_RELAYS` | Array of strings | An array of SMTP relays in the format of smtp://host:port |  |
+| `POSTAL_TRUSTED_PROXIES` | Array of strings | An array of IP addresses to trust for proxying requests to Postal (in addition to localhost addresses) |  |
 | `WEB_SERVER_DEFAULT_PORT` | Integer | The default port the web server should listen on unless overriden by the PORT environment variable | 5000 |
 | `WEB_SERVER_DEFAULT_BIND_ADDRESS` | String | The default bind address the web server should listen on unless overriden by the BIND_ADDRESS environment variable | 127.0.0.1 |
 | `WEB_SERVER_MAX_THREADS` | Integer | The maximum number of threads which can be used by the web server | 5 |

doc/config/yaml.yml

@@ -27,6 +27,8 @@ postal:
   signing_key_path: config/postal/signing.key
   # An array of SMTP relays in the format of smtp://host:port
   smtp_relays: []
+  # An array of IP addresses to trust for proxying requests to Postal (in addition to localhost addresses)
+  trusted_proxies: []
 
 web_server:
   # The default port the web server should listen on unless overriden by the PORT environment variable

lib/postal/config_schema.rb

@@ -84,6 +84,12 @@ module Postal
           }
         end
       end
+
+      string :trusted_proxies do
+        array
+        description "An array of IP addresses to trust for proxying requests to Postal (in addition to localhost addresses)"
+        transform { |ip| IPAddr.new(ip) }
+      end
     end
 
     group :web_server do