enable-real-ip with custom header does not take effect if using use-proxy-protocol

[krogon]

What happened:

enable-real-ip with custom forwarded-for-header does not take effect if using use-proxy-protocol

real_ip_header nginx param is always set to proxy_protocol which requires workaround of using server-snippet to explicitly overwrite that.

What you expected to happen:
I wish being able to configure real_ip_header without the need to enable allowSnippetAnnotations.

What do you think went wrong?:
https://github.com/kubernetes/ingress-nginx/blob/ingress-nginx-3.15.2/rootfs/etc/nginx/template/nginx.tmpl#L135-L140

    {{ if or (or $cfg.UseForwardedHeaders $cfg.UseProxyProtocol) $cfg.EnableRealIp }}
    {{ if $cfg.UseProxyProtocol }}
    real_ip_header      proxy_protocol;
    {{ else }}
    real_ip_header      {{ $cfg.ForwardedForHeader }};
    {{ end }}

nginx.conf would be generated as:

real_ip_header      proxy_protocol;

instead of

real_ip_header      CF-Connecting-IP;

How to reproduce this issue:

Use following config

use-proxy-protocol: "true"
proxy-real-ip-cidr: "0.0.0.0/0"
use-forwarded-headers: "true"
enable-real-ip: "true"
forwarded-for-header: "CF-Connecting-IP"

[k8s-ci-robot]

This issue is currently awaiting triage.

If Ingress contributors determines this is a relevant issue, they will accept it by applying the triage/accepted label and provide further guidance.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[krogon]

I think this solves the issue: #12768

config:
    forwarded-for-proxy-protocol-header: "CF-Connecting-IP"