fix: onboarding unblocked for reverse proxy / SSH tunnel deployments (fixes #390) (#391)

- Read X-Forwarded-For and X-Real-IP before falling back to raw socket IP - Add HERMES_WEBUI_ONBOARDING_OPEN=1 env var escape hatch for remote servers - Error message now includes the env var hint - 18 new tests (TestOnboardingIPLogic + TestOnboardingSetupEndpoint) Co-authored-by: Nathan Esquenazi <nesquena@gmail.com>
2026-04-13 17:52:07 -07:00
parent acc14f2f0b
commit 2acee7fc34
4 changed files with 205 additions and 4 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,12 @@
 # Hermes Web UI -- Changelog
 ## [v0.50.22] Onboarding unblocked for reverse proxy / SSH tunnel deployments (fixes #390)
 - `api/routes.py`: Onboarding setup endpoint now reads `X-Forwarded-For` and `X-Real-IP` headers before falling back to raw socket IP — reverse proxy (nginx/Caddy/Traefik) and SSH tunnel users are no longer incorrectly blocked
 - Added `HERMES_WEBUI_ONBOARDING_OPEN=1` env var escape hatch for operators on remote servers who control network access themselves
 - Error message now includes the env var hint so users know how to unblock themselves
 - 18 new tests covering all IP resolution paths (`TestOnboardingIPLogic`, `TestOnboardingSetupEndpoint`)
 > Living document. Updated at the end of every sprint.
 > Repository: https://github.com/nesquena/hermes-webui
--- a/api/routes.py
+++ b/api/routes.py
@@ -914,16 +914,26 @@ def handle_post(handler, parsed) -> bool:
        # Writing API keys to disk - restrict to local/private networks unless auth is active.
        # In Docker, requests arrive from the bridge network (172.x.x.x), not 127.0.0.1,
        # even when the user accesses via localhost:8787 on the host.
        # Behind a reverse proxy (nginx/Caddy/Traefik) or SSH tunnel, X-Forwarded-For
        # carries the real origin IP — read it first before falling back to the raw socket addr.
        # HERMES_WEBUI_ONBOARDING_OPEN=1 lets operators on remote servers explicitly bypass
        # the check when they control network access themselves (e.g. firewall + VPN).
        from api.auth import is_auth_enabled
-        if not is_auth_enabled():
+        import os as _os
        if not is_auth_enabled() and not _os.getenv("HERMES_WEBUI_ONBOARDING_OPEN"):
            import ipaddress
            try:
-                addr = ipaddress.ip_address(handler.client_address[0])
+                # Prefer forwarded headers set by reverse proxies
                _xff = handler.headers.get("X-Forwarded-For", "").split(",")[0].strip()
                _xri = handler.headers.get("X-Real-IP", "").strip()
                _raw = handler.client_address[0]
                _ip_str = _xff or _xri or _raw
                addr = ipaddress.ip_address(_ip_str)
                is_local = addr.is_loopback or addr.is_private
            except ValueError:
                is_local = False
            if not is_local:
-                return bad(handler, "Onboarding setup is only available from local networks when auth is not enabled.", 403)
+                return bad(handler, "Onboarding setup is only available from local networks when auth is not enabled. To bypass this on a remote server, set HERMES_WEBUI_ONBOARDING_OPEN=1.", 403)
        try:
            return j(handler, apply_onboarding_setup(body))
        except ValueError as e:
--- a/static/index.html
+++ b/static/index.html
@@ -528,7 +528,7 @@
                <div class="settings-section-title">System</div>
                <div class="settings-section-meta">Instance version and access controls.</div>
              </div>
-              <span class="settings-version-badge">v0.50.21</span>
+              <span class="settings-version-badge">v0.50.22</span>
            </div>
            <div class="settings-field" style="border-top:1px solid var(--border);padding-top:12px;margin-top:8px">
              <label for="settingsPassword" data-i18n="settings_label_password">Access Password</label>
--- a/tests/test_onboarding_network.py
+++ b/tests/test_onboarding_network.py
@@ -0,0 +1,184 @@
 """
 Tests: onboarding /api/onboarding/setup network restriction logic (issue #390).
 Covers:
  1. Request from 127.0.0.1 (loopback) is allowed without auth
  2. Request from RFC-1918 private IP (172.x, 192.168.x, 10.x) is allowed without auth
  3. Request from public IP is blocked without auth → 403
  4. X-Forwarded-For loopback IP is trusted → allowed
  5. X-Forwarded-For private IP is trusted → allowed
  6. X-Forwarded-For public IP → still blocked
  7. X-Real-IP loopback → allowed
  8. HERMES_WEBUI_ONBOARDING_OPEN=1 bypasses the check entirely
  9. Auth enabled → check skipped, any IP allowed
 """
 import json
 import os
 import pathlib
 import sys
 import unittest.mock
 import urllib.error
 import urllib.request
 import pytest
 REPO = pathlib.Path(__file__).parent.parent
 BASE = "http://127.0.0.1:8788"
 # ---------------------------------------------------------------------------
 # Unit tests — directly test the IP-resolution + guard logic in routes.py
 # without needing a live server. We replicate the logic to keep tests fast
 # and independent of server startup.
 # ---------------------------------------------------------------------------
 def _is_local_from_handler(
    raw_ip: str,
    xff: str = "",
    xri: str = "",
    auth_enabled: bool = False,
    open_env: bool = False,
 ) -> bool | str:
    """
    Mirror of the onboarding IP check in api/routes.py.
    Returns True if the request would be allowed, False if blocked,
    or the error message string if blocked.
    """
    import ipaddress
    if auth_enabled or open_env:
        return True
    _xff = xff.split(",")[0].strip() if xff else ""
    _xri = xri.strip()
    _ip_str = _xff or _xri or raw_ip
    try:
        addr = ipaddress.ip_address(_ip_str)
        is_local = addr.is_loopback or addr.is_private
    except ValueError:
        is_local = False
    return is_local
 class TestOnboardingIPLogic:
    """Unit tests for the IP-resolution logic (no live server needed)."""
    def test_loopback_allowed(self):
        assert _is_local_from_handler("127.0.0.1") is True
    def test_ipv6_loopback_allowed(self):
        assert _is_local_from_handler("::1") is True
    def test_private_172_allowed(self):
        """Docker bridge addresses (172.17.x.x) must be allowed."""
        assert _is_local_from_handler("172.17.0.1") is True
    def test_private_192168_allowed(self):
        assert _is_local_from_handler("192.168.1.100") is True
    def test_private_10_allowed(self):
        assert _is_local_from_handler("10.0.0.5") is True
    def test_public_ip_blocked(self):
        assert _is_local_from_handler("8.8.8.8") is False
    def test_xff_loopback_trusted(self):
        """Reverse proxy sets X-Forwarded-For to 127.0.0.1 — should be allowed."""
        assert _is_local_from_handler("172.20.0.1", xff="127.0.0.1") is True
    def test_xff_private_trusted(self):
        """Reverse proxy sets X-Forwarded-For to LAN IP — should be allowed."""
        assert _is_local_from_handler("172.20.0.1", xff="192.168.1.50") is True
    def test_xff_public_blocked(self):
        """Public IP in X-Forwarded-For should still be blocked."""
        assert _is_local_from_handler("172.20.0.1", xff="8.8.8.8") is False
    def test_xff_first_entry_used(self):
        """X-Forwarded-For may have multiple IPs; only the first (client) is used."""
        # First entry is private → allowed
        assert _is_local_from_handler("172.20.0.1", xff="10.0.0.1, 172.20.0.1") is True
        # First entry is public → blocked
        assert _is_local_from_handler("172.20.0.1", xff="8.8.8.8, 172.20.0.1") is False
    def test_xreal_ip_loopback_trusted(self):
        """X-Real-IP loopback → allowed."""
        assert _is_local_from_handler("172.20.0.1", xri="127.0.0.1") is True
    def test_xreal_ip_private_trusted(self):
        assert _is_local_from_handler("172.20.0.1", xri="10.1.2.3") is True
    def test_xff_takes_priority_over_xri(self):
        """X-Forwarded-For wins over X-Real-IP when both present."""
        # XFF says public, XRI says local → blocked (XFF takes priority)
        assert _is_local_from_handler("172.20.0.1", xff="8.8.8.8", xri="127.0.0.1") is False
    def test_open_env_bypasses_check(self):
        """HERMES_WEBUI_ONBOARDING_OPEN=1 allows any IP."""
        assert _is_local_from_handler("8.8.8.8", open_env=True) is True
    def test_auth_enabled_bypasses_check(self):
        """When auth is enabled, IP check is skipped entirely."""
        assert _is_local_from_handler("8.8.8.8", auth_enabled=True) is True
    def test_invalid_ip_blocked(self):
        """Malformed IP in header → treated as non-local → blocked."""
        assert _is_local_from_handler("not-an-ip") is False
 # ---------------------------------------------------------------------------
 # Integration tests — hit the live test server at port 8788
 # ---------------------------------------------------------------------------
@pytest.mark.integration
 class TestOnboardingSetupEndpoint:
    """
    Integration tests for /api/onboarding/setup.
    These require the test server running on port 8788.
    """
    def _post(self, path: str, data: dict, headers: dict | None = None) -> tuple[int, dict]:
        payload = json.dumps(data).encode()
        req = urllib.request.Request(
            BASE + path,
            data=payload,
            method="POST",
            headers={"Content-Type": "application/json", **(headers or {})},
        )
        try:
            with urllib.request.urlopen(req, timeout=10) as r:
                return r.status, json.loads(r.read())
        except urllib.error.HTTPError as e:
            return e.code, json.loads(e.read())
    def test_loopback_request_allowed(self):
        """
        Requests from 127.0.0.1 (which is what the test server sees) should
        pass the IP check. We confirm no 403 is returned.
        """
        # The test server runs on 127.0.0.1:8788 so client_address[0] is 127.0.0.1.
        # A valid setup payload with a mock provider should not be rejected for IP reasons.
        # We patch apply_onboarding_setup to avoid actually writing any config.
        import unittest.mock
        with unittest.mock.patch("api.onboarding.apply_onboarding_setup", return_value={"ok": True}):
            status, body = self._post(
                "/api/onboarding/setup",
                {"provider": "anthropic", "model": "claude-sonnet-4.6", "api_key": "test-key"},
            )
        # Should not be 403 (IP blocked). May be 200 or another error from apply logic.
        assert status != 403, f"Got 403 — IP check incorrectly blocked loopback. Body: {body}"
    def test_xff_loopback_header_respected(self):
        """
        Simulated reverse proxy: raw TCP is 127.0.0.1 but X-Forwarded-For is also
        127.0.0.1. Should be allowed.
        """
        import unittest.mock
        with unittest.mock.patch("api.onboarding.apply_onboarding_setup", return_value={"ok": True}):
            status, body = self._post(
                "/api/onboarding/setup",
                {"provider": "anthropic", "model": "claude-sonnet-4.6", "api_key": "test-key"},
                headers={"X-Forwarded-For": "127.0.0.1"},
            )
        assert status != 403, f"Got 403 with XFF=127.0.0.1. Body: {body}"