Unwanted redirects to localhost

Question

Unwanted redirects to localhost

Closed this issue 7 months ago · 27 comments

I've tried to setup Accent and I think I got it somewhat right (can't know because your docs either aren't updated or just barely finished.. or both? it's just not user/developer friendly, that's something I can tell), I believe.
The problem now is, that I've setup an A record for translate.ebio.gg which points towards my server and the server is a Nginx reverse proxy. This is my configuration:

Yet, when accessing https://translate.ebio.gg, it just redirects the browser to localhost. Is there any reason why and any way for fixing this?

Accesing the localhost:4000 web server on the same machine seems to actually return data.

This is the Docker log:

Answer 1 · 2023-12-01T14:26:38.000Z

Hello! What’s your CANONICAL_URL in your env var? All the necessary config are documented here: https://github.com/mirego/accent?tab=readme-ov-file#production-setup

From what I can tell you will need CANONICAL_URL=https://translate.ebio.gg

Answer 2 · 2023-12-01T15:20:49.000Z

Hello there,
my CANONICAL_URL is set to https://translate.ebio.gg. This is my entire environment variables configuration:

Are all of the ones from https://github.com/mirego/accent?tab=readme-ov-file#production-setup fully required?

Answer 3 · 2023-12-01T16:06:17.000Z

I think your env var are not loaded correctly since the log should show the full URL here:

[info] Running Accent.Endpoint with Bandit 1.1.0 at 0.0.0.0:4000 (http)
[info] Access Accent.Endpoint at https://afdh9f20-asdoh.ngrok.io

If you are statring it with docker compose, the environment is not read from the .env file, it is declared directly in the yaml file. This could be improved in the documentation. A PR is welcome!

Answer 4 · 2023-12-01T18:43:09.000Z

Maybe also dont put https:// before the canonical url. That broke my instance

Answer 5 · 2023-12-01T19:16:14.000Z

I think your env var are not loaded correctly since the log should show the full URL here:
[info] Running Accent.Endpoint with Bandit 1.1.0 at 0.0.0.0:4000 (http)
[info] Access Accent.Endpoint at https://afdh9f20-asdoh.ngrok.io
If you are statring it with docker compose, the environment is not read from the .env file, it is declared directly in the yaml file. This could be improved in the documentation. A PR is welcome!

Am I doing something wrong again or not? I tried to port the vars from .env to the docker-compose.yml.

Answer 6 · 2023-12-01T19:52:38.000Z

@Northernside you misspellt CANONICAL xd

Answer 7 · 2023-12-01T19:53:27.000Z

oh my fucking god
...
idk what to say
😭

Answer 8 · 2023-12-01T19:54:31.000Z

okay well, it does show me the correct url now, but it still redirects to localhost :p

Answer 9 · 2023-12-01T20:02:02.000Z

i don't think that this is the problem but it will solve a problem later. try to remove the https:// in the canonical url. that solved the problem for me

Answer 10 · 2023-12-01T20:06:18.000Z

Well, now it shows localhost:4000 again.

Strangely enough, I can access the website through the direct ip + port but not when using a domain proxied through Cloudflare and then through Nginx.

Answer 11 · 2023-12-01T20:07:21.000Z

Yes it shows that on my machine too

Answer 12 · 2023-12-01T20:07:27.000Z

But it works

Answer 13 · 2023-12-01T20:11:28.000Z

By removing the https:// the canonical is invalid so it does not enforce a URL 😄 That’s why it works.

Answer 14 · 2023-12-01T20:13:16.000Z

oh lmao. well if I didn't remove the https:// I would just get a too much redirects error

Answer 15 · 2023-12-01T20:14:45.000Z

turns out http:// works

Answer 16 · 2023-12-01T20:16:02.000Z

Yes indeed, because SSL is enforced if the canonical URI is using https.

https://github.com/mirego/accent/blob/master/config/runtime.exs#L23

Answer 17 · 2023-12-01T20:18:58.000Z

If you’re using nginx to handle the TLS stuff, the Elixir application should not be handling it too.

Answer 18 · 2023-12-01T20:20:57.000Z

However, if nginx is handling the TLS termination and passing the X-Forwarded-Proto to the Elixir application, CANONICAL_URL=https://… should work.

https://github.com/mirego/accent/blob/master/lib/accent/endpoint.ex#L50

Answer 19 · 2023-12-01T20:21:41.000Z

This is my Cloudflare:

it passes translate.ebio.gg to server X and server X is a Nginx server which then passes it to 127.0.0.1:4000, as seen here:

127.0.0.1:4000 is Accent and it's configuration is this:

cURL'ing both http and https:

Maybe this clarifies a bit more of my current issue/situation. Do you know any way on how I can prevent it from redirecting to localhost?

Changing the CANONICAL_URL from https://translate.ebio.gg to http://translate.ebio.gg does not change anything in terms of behaviour, as seen here again:

Also explicitly setting FORCE_SSL to false has no effect on this behaviour.

Answer 20 · 2023-12-01T20:24:28.000Z

then you also have to change the https:// to http:// in the canonical url as remi said

Answer 21 · 2023-12-01T20:25:34.000Z

then you also have to change the https:// to http:// in the canonical url as remi said

Well.. 👀

Answer 22 · 2023-12-01T20:26:06.000Z

ah i'm dumb and i can't read

Answer 23 · 2023-12-01T20:26:21.000Z

dont worry!

Answer 24 · 2023-12-01T20:26:34.000Z

Yeah FORCE_SSL is documented but not used in the codebase, that’s my bad 😄

Answer 25 · 2023-12-01T20:32:39.000Z

However, if nginx is handling the TLS termination and passing the X-Forwarded-Proto to the Elixir application, CANONICAL_URL=https://… should work.

https://github.com/mirego/accent/blob/master/lib/accent/endpoint.ex#L50

Tried that, nothing changed 👀

Answer 26 · 2023-12-01T20:35:21.000Z

Oh, funny thing: if I access https://translate.ebio.gg/ it returns me to https://localhost but if I access https://translate.ebio.gg/? (or any other query related input) it returns me to https://translate.ebio.gg/ AND serves the proper content. What? 😭

Answer 27 · 2023-12-01T22:09:55.000Z

Oh oops nevermind, it seems like it was just a silly cache on my side!

Thank you for all your help ❤️