Add reverse proxy support for Flask application

challgren · claude · challgren · commit 3a8ee91ef34a · 2025-08-05T20:36:02.000-05:00
- Added ProxyFix middleware to handle X-Forwarded-* headers - Configured proper trust levels for proxy headers (For, Proto, Host, Prefix) - Application now works correctly behind docker-reversewebproxy - Added documentation for reverse proxy configuration - All API endpoints use relative URLs for proxy compatibility 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
diff --git a/README.md b/README.md
@@ -127,6 +127,33 @@ Access at: `http://localhost:8888`
 Access at: `http://localhost:8888/history`
 
 - Browse all historical pattern detections
+
+### Reverse Proxy Support
+
+The application works seamlessly behind reverse proxies like `ghcr.io/sdr-enthusiasts/docker-reversewebproxy`. The Flask application automatically handles:
+
+- `X-Forwarded-For` - Client IP addresses
+- `X-Forwarded-Proto` - HTTP/HTTPS protocol
+- `X-Forwarded-Host` - Original hostname
+- `X-Forwarded-Prefix` - URL path prefix
+
+Example reverse proxy configuration:
+
+```yaml
+services:
+  reversewebproxy:
+    image: ghcr.io/sdr-enthusiasts/docker-reversewebproxy:latest
+    ports:
+      - "80:80"
+      - "443:443"
+    environment:
+      - PROXY_HOSTS=aircraft,aircraft-circle,8888
+
+  aircraft-circle:
+    image: ghcr.io/challgren/aircraft-circle:latest
+    environment:
+      - TAR1090_URL=http://tar1090:80
+```
 - Filter by date range, pattern type, and callsign
 - Visual timeline of detection activity
 - Direct links to TAR1090 replay for each pattern
diff --git a/app.py b/app.py
@@ -1380,6 +1380,7 @@
 import shutil
 from flask import Flask, render_template_string, jsonify
 from flask_cors import CORS
+from werkzeug.middleware.proxy_fix import ProxyFix
 import webbrowser
 
 
@@ -2510,6 +2511,17 @@ def start_web_server(self, port=8888):
             static_folder = None
             
         app = Flask(__name__, static_folder=static_folder)
+        
+        # Configure for reverse proxy - handles X-Forwarded-* headers
+        # This allows the app to work correctly behind docker-reversewebproxy
+        app.wsgi_app = ProxyFix(
+            app.wsgi_app,
+            x_for=1,      # Trust X-Forwarded-For header for client IP
+            x_proto=1,    # Trust X-Forwarded-Proto for HTTP/HTTPS
+            x_host=1,     # Trust X-Forwarded-Host for original host
+            x_prefix=1    # Trust X-Forwarded-Prefix for URL prefix
+        )
+        
         CORS(app)
         self.web_app = app
         
