-
Suggestion
-
Resolution: Timed out
-
None
-
RHEL, Apache, Lighttpd
-
0
-
1
-
One common method of putting a proxy-server in front of a Java appserver is to use mod_proxy. However, when using mod_proxy the connecting IP address is proxying host (often 127.0.0.1), which breaks triggers as the connecting host won't match the repository host. Note that this will also apply where other forms or proxies (load-balancers, client caching proxies) are in place.
One option is to inspect the headers for the 'X-Forwarded-For:' header, which contains the IP of the original connecting host. The longer term (probably correct) option is to use HTTP-basic auth instead of IP filtering.
[BAM-1172] Bamboo doesn't recognise repository address when fronted by a proxy server
jmo
added a comment - I have the same problem as Miłosz, when trying to trigger a Bamboo plan from a BitBucket webhook I get the error:
"Build request for plan [MyApp] originated from 104.192.143.193,192.168.0.1 which is not an allowed address"
The Bamboo trigger is allowing the IP 104.192.143.193, but apparently it can't figure out that is the case with the proxy IP tacked on there as well
jmo
added a comment - I have the same problem as Miłosz, when trying to trigger a Bamboo plan from a BitBucket webhook I get the error:
"Build request for plan [MyApp] originated from 104.192.143.193,192.168.0.1 which is not an allowed address"
The Bamboo trigger is allowing the IP 104.192.143.193, but apparently it can't figure out that is the case with the proxy IP tacked on there as well 
Miłosz Kosobucki
added a comment - Correction:
Bamboo in fact seems to be using proxy header, but it takes it as a whole:
2014-07-22 13:37:29,790 INFO [http-apr-8085-exec-7] [TriggerRemoteBuild] Build request for plan "[Plan name]" originated from 192.168.40.157,127.0.0.1 which is not an allowed address (one of[REPOSITORY_HOSTNAME.DOMAIN, 127.0.0.1]).
It's clearly trying to compare two addresses separated by comma with each of allowed addresses, what obviously fails. I even added 127.0.0.1 to allowed addresses but as you can see, it failed.
Miłosz Kosobucki
added a comment - Correction:
Bamboo in fact seems to be using proxy header, but it takes it as a whole:
2014-07-22 13:37:29,790 INFO [http-apr-8085-exec-7] [TriggerRemoteBuild] Build request for plan "[Plan name]" originated from 192.168.40.157,127.0.0.1 which is not an allowed address (one of[REPOSITORY_HOSTNAME.DOMAIN, 127.0.0.1]).
It's clearly trying to compare two addresses separated by comma with each of allowed addresses, what obviously fails. I even added 127.0.0.1 to allowed addresses but as you can see, it failed. Miłosz Kosobucki
added a comment - In version 5.5 Bamboo still disregards any of these headers and thinks that all trigger connections come from 127.0.0.1 if behind proxy.
Miłosz Kosobucki
added a comment - In version 5.5 Bamboo still disregards any of these headers and thinks that all trigger connections come from 127.0.0.1 if behind proxy. 
Siri Vias Khalsa
added a comment - In the current version, there is a field "Trigger IP Address" on the source repository tab of the plan configuration.
Looks like this issue was solved and can be closed
Siri Vias Khalsa
added a comment - In the current version, there is a field "Trigger IP Address" on the source repository tab of the plan configuration.
Looks like this issue was solved and can be closed Where? If you manually force the IP address in Apache you are effectively removing your IP filtering.
There is an option in the Apache proxy module to pass the additional header information through, but that may not exist in other proxies (lighttpd, nginx).
Hi,
Thank you for raising this suggestion. We regret to inform you that due to limited demand, we have no plans to implement it in the foreseeable future. In order to set expectations, we're closing this request.
This is an automated update triggered by low user engagement with this suggestion (number of votes, number of watchers).
Although we're aware the issue is still important to those of you who were involved in the conversations around it, we want to be clear in managing your expectations. The Bamboo team is focusing on issues that have broad impact and high value, reflected by the number of comments, votes, support cases, and customers interested.
Atlassian will continue to watch this issue for further updates, so please feel free to share your thoughts in the comments.
Thank you,
Bamboo Team