In the process of doing that I enabled Cloudflare caching for my analytics host name. Evidently I didn’t have this enabled before because as soon as I did all the visits to the site2 were reporting Cloudflare IP addresses instead of the user’s real IP.
I managed to find the Matomo docs for how to configure which header to use for tracking a user’s real IP and which headers Cloudflare sends through. However, I didn’t feel like modifying
php.ini files (call it PTSD) and from the Cloudflare docs they should be sending through the
X-Forwarded-For header anyway.
I was going to start dumping headers from my nginx ingress controller when I discovered that by default,
X-Forwarded-* headers are not passed through by the ingress controller.
use-forwarded-headers option in the nginx configMap fixed the issue.
apiVersion: v1 kind: ConfigMap metadata: name: nginx-configuration namespace: ingress labels: app: ingress-nginx data: enable-underscores-in-headers: 'true' ignore-invalid-headers: 'false' use-forwarded-headers: 'true'
I’m still loving how a quick
kubectl apply can push changes into production so quickly—using a properly configured CD pipeline of course.