There are many other projects as well: Identity, Icons, Notifications, etc. Do these all need these options too?

These projects don't need the client IP. API and Admin use the IP for access logging

Ok. Can you explain what type of setup you have here that is requiring these headers vs a regular installation?

Our BitWarden setup is running on OpenShift. With this setup, each project has a different IP. When nginx is passing the X-Forwarded-For headers upstream, the API does not use this information as the nginx ip is not in its list of KnownProxies or KnownNetworks

each project has a different IP

Do you mean each Bitwarden project (API, Admin, etc) or something else?

yes, that's the issue

If Admin and API have different proxy IP addresses then this solution would not work. You have it specified in global settings, which there is only one of (defined in global env file) that will apply to all containers.

Admin and API get served by the same proxy but they reject the headers

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}