Add way to filter IP addresses to be allowed to access

[inverse]

⚠️⚠️⚠️ Since we do not accept all types of pull requests and do not want to waste your time. Please be sure that you have read pull request rules:
https://github.com/louislam/uptime-kuma/blob/master/CONTRIBUTING.md#can-i-create-a-pull-request-for-uptime-kuma

Tick the checkbox if you understand [x]:

• I have read and understand the pull request rules.

Description

Provides a flag to restrict IPs that should be able to access the server by providing a comma seperated arg or env var that can be used to provide an allow list of IP addresses. e.g

node server/server.js --ips-to-allow=::1,::ffff:192.168.1.67

A requirement for Home Assistant Ingress is to restrict access.

See: https://developers.home-assistant.io/docs/add-ons/presentation/#ingress

Fixes #(issue)

Type of change

Please delete any options that are not relevant.

• New feature (non-breaking change which adds functionality)

Checklist

• My code follows the style guidelines of this project
• I ran ESLint and other linters for modified files
• I have performed a self-review of my own code and tested it
• I have commented my code, particularly in hard-to-understand areas
  (including JSDoc for methods)
• My changes generate no new warnings
• My code needed automated testing. I have added them (this is optional task)

Screenshots (if any)

Please do not use any external image service. Instead, just paste in or drag and drop the image here, and it will be uploaded automatically.

[Zaid-maker]

We suport multiple node version so i dont think its good to add .nvmrc. we support 14/ 16/ 18/ 20.4.

[freiit]

Can you replace your typeof ipsToAllow !== "string" with something like this ipsToAllow?.split(',').every(ip => net.isIP(ip))?

[Zaid-maker]

Can you replace your typeof ipsToAllow !== "string" with something like this ipsToAllow?.split(',').every(ip => net.isIP(ip))?

You can review the code and tell that there by going to Commits tab.

[freiit]

Please replace your typeof ipsToAllow !== "string" with something like this ipsToAllow?.split(',').every(ip => net.isIP(ip))

[inverse]

@freiit Adding IP validation sounds like a good idea!

But don't I also need to have the type validation first? For example if I pass --ips-to-allow=1 it gets treats as a number.

2023-11-11T11:31:50+01:00 [SERVER] ERROR: IPs to allow must be a string, number provided

[inverse]

One open question - where should I document the flag/env var?

I see there is https://github.com/louislam/uptime-kuma/wiki/Environment-Variables but I guess you need to have elevated permissions to modify.

[louislam]

The wiki is in another repo: https://github.com/louislam/uptime-kuma-wiki

Also want to remind that Uptime Kuma is mainly a Socket.io application, express is just part of it. Not sure if express-ipfilter handle Socket.io connection too.

Will come back and review in the milestone 2.2.0.