Make nginx read real IP from CloudFlare

1. In nginx.conf under http { add:

include /etc/nginx/cloudflare;

by command:

sudo sed -i '/^[[:space:]]*http[[:space:]]*{/a\        include /etc/nginx/cloudflare;' /etc/nginx/nginx.conf

2. Create script that gets list of CloudFlare IPs:

cd ~ && touch cloudflare_nginx.sh && chmod +x cloudflare_nginx.sh && pico cloudflare_nginx.sh

Paste into that file:

#!/bin/bash

CLOUDFLARE_FILE_PATH=/etc/nginx/cloudflare

echo "#Cloudflare" > $CLOUDFLARE_FILE_PATH;
echo "" >> $CLOUDFLARE_FILE_PATH;

echo "# - IPv4" >> $CLOUDFLARE_FILE_PATH;
for i in `curl -s -L https://www.cloudflare.com/ips-v4`; do
    echo "set_real_ip_from $i;" >> $CLOUDFLARE_FILE_PATH;
done

echo "" >> $CLOUDFLARE_FILE_PATH;
echo "# - IPv6" >> $CLOUDFLARE_FILE_PATH;
for i in `curl -s -L https://www.cloudflare.com/ips-v6`; do
    echo "set_real_ip_from $i;" >> $CLOUDFLARE_FILE_PATH;
done

echo "" >> $CLOUDFLARE_FILE_PATH;
echo "real_ip_header CF-Connecting-IP;" >> $CLOUDFLARE_FILE_PATH;

#test configuration and reload nginx
nginx -t && systemctl reload nginx

3. Run script:

sudo ./cloudflare_nginx.sh

It's copy of https://github.com/ergin/nginx-cloudflare-real-ip/tree/master