Skip to content

fix(server): add trustProxy support for reverse proxy deployments#70

Merged
steilerDev merged 1 commit into
betafrom
fix/trust-proxy
Feb 13, 2026
Merged

fix(server): add trustProxy support for reverse proxy deployments#70
steilerDev merged 1 commit into
betafrom
fix/trust-proxy

Conversation

@steilerDev
Copy link
Copy Markdown
Owner

@steilerDev steilerDev commented Feb 13, 2026

Summary

  • Adds TRUST_PROXY env var (default false) to enable Fastify's trustProxy when running behind a reverse proxy (e.g., nginx for SSL termination)
  • Without this, Fastify misinterprets proxied connections, causing 502 errors on POST /api/auth/setup due to premature upstream connection closure
  • Includes config validation, logging, .env.example documentation, and 5 new unit tests

Changes

  • server/src/app.ts — pass trustProxy to Fastify constructor from TRUST_PROXY env var
  • server/src/plugins/config.ts — add trustProxy to AppConfig interface, parsing, validation, and log output
  • .env.example — document TRUST_PROXY option under Server section
  • server/src/plugins/config.test.ts — add trustProxy: false to all default assertions + 5 new TRUST_PROXY tests

Test plan

  • npm run lint — 0 errors
  • npm run format:check — clean
  • npm run typecheck — all 3 workspaces clean
  • npm test — 613 tests pass (34 suites)
  • npm run build — succeeds
  • npm audit — 0 vulnerabilities
  • Manual: rebuild Docker image, run behind nginx-proxy with TRUST_PROXY=true, verify POST /api/auth/setup succeeds

🤖 Generated with Claude Code

@claude
fix(server): add trustProxy support for reverse proxy deployments
22a82fe 
When running behind a reverse proxy (e.g., nginx for SSL termination),
Fastify needs trustProxy enabled to correctly handle X-Forwarded-* headers.
Without this, secure cookie handling and response headers can break,
causing 502 errors from the upstream proxy.

Adds TRUST_PROXY env var (default: false) to Fastify constructor and
AppConfig, with validation and logging.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@steilerDev steilerDev merged commit 0c5345f into beta Feb 13, 2026
3 checks passed
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Feb 13, 2026

🎉 This PR is included in version 1.7.0-beta.12 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

@steilerDev steilerDev mentioned this pull request Feb 16, 2026
Merged
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Feb 16, 2026

🎉 This PR is included in version 1.7.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

@steilerDev steilerDev deleted the fix/trust-proxy branch February 19, 2026 20:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@steilerDev @claude