From c5d5b76834282e19f9e14b3a57da4a0a5c067833 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nicol=C3=A1s=20Reynolds?= <fauno@endefensadelsl.org>
Date: Sun, 15 Dec 2013 13:17:35 -0300
Subject: [PATCH] Anonymous logging

Hide IP addresses in access.log's by setting them to 127.0.0.1
---
 configs/nginx/nginx.conf | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/configs/nginx/nginx.conf b/configs/nginx/nginx.conf
index d700eea..fd6ae84 100644
--- a/configs/nginx/nginx.conf
+++ b/configs/nginx/nginx.conf
@@ -50,6 +50,18 @@ http {
     proxy_cache_path                /var/cache/nginx/cached levels=2:2
     keys_zone=global:64m inactive=60m max_size=1G;
 
+    # Don't log any IP address
+    log_format  main  '127.0.0.1 - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "127.0.0.1"';
+    # Nor reverse proxies
+    proxy_set_header X-Real-IP 127.0.0.1;
+    proxy_set_header X-Forwarded-For 127.0.0.1;
+    # Or fastcgi upstreams
+    fastcgi_param REMOTE_ADDR 127.0.0.1;
+    # An anonymous log per server name 
+    access_log /var/log/nginx/$server_name.access.log main;
+
 server {
     listen 1.2.3.4:80;
     return 301 https://$host$request_uri;