From 5dfd26193090c385be870512ad38f2bc9cd99a04 Mon Sep 17 00:00:00 2001
From: Abhishek Kumar
Date: Thu, 18 Jun 2026 18:56:58 +0530
Subject: [PATCH] fix: signature mismatch for telephony

---
 docker-compose.yaml | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/docker-compose.yaml b/docker-compose.yaml
index 83ee5405..b645d295 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -164,6 +164,17 @@ services:
 # from this value and nginx load-balances across them with least_conn.
 FASTAPI_WORKERS: "${FASTAPI_WORKERS:-1}"

+ # Trust X-Forwarded-* headers from any peer so uvicorn honors nginx's
+ # `X-Forwarded-Proto: https`. nginx runs as its own container and reaches
+ # uvicorn from a Docker-network IP (not loopback), but uvicorn trusts only
+ # 127.0.0.1 by default — so without this it ignores the header, request.url
+ # comes back as http://…, and inbound webhook signature checks fail for
+ # every provider at once (telephony providers sign the public https URL, so
+ # the recomputed signature won't match). "*" trusts all peers; the api port
+ # (8000) is published, so firewall/harden it at the host — or narrow this
+ # to your Docker bridge subnet — if that exposure matters to you.
+ FORWARDED_ALLOW_IPS: "*"
+
 # Langfuse — credentials can be set here or per-organization via the UI
 # at /settings. Tracing is automatically active when credentials are
 # available; uncomment to set defaults for all organizations.
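Review bot: `FORWARDED_ALLOW_IPS: "*"` is hard-coded while the comment directly above it says the api port (8000) is published, so any client that reaches that port without going through nginx can supply its own `X-Forwarded-For` and `X-Forwarded-Proto`, and uvicorn will report them as the client address and scheme. Anything downstream that keys on the client IP (rate limits, allow-lists, audit logs) would then be working from caller-supplied values; whether such consumers exist is not visible in this hunk. I would make the value overridable in the same style as `FASTAPI_WORKERS` two lines up, `FORWARDED_ALLOW_IPS: "${FORWARDED_ALLOW_IPS:-*}"`, and preferably default it to the compose network's subnet instead of `*` if the pinned uvicorn version accepts CIDR ranges. The service's `ports:` mapping lies outside the hunk, so it is worth checking there whether 8000 needs to be published on all host interfaces at all.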