search

dunglas / frankenphp

🧟 The modern PHP app server
https://frankenphp.dev
MIT License
7.02k stars 248 forks source link

Trouble with FrankenPHP in worker mode behind load balancer #1219

Open dfsoeten opened 1 day ago

dfsoeten commented 1 day ago

Hey all!

Currently I'm trying to setup FrankenPHP for my Shopware application after having great success with it in other Symonfy based applications. Everything works as expected when not using the worker mode.

After installing the FrankenPHP runtime and setting the FRANKENPHP_CONFIG to worker ./public/index.php and APP_RUNTIME to Runtime\\FrankenPhpSymfony\\Runtime the Symfony\Component\Routing\Generator\UrlGenerator generates HTTP urls instead of the HTTPS urls.

Showpare itself seems to already utilze the Symfony runtime component but usally does so using Caddy + PHP FPM. My public/index.php file is identical to the one being used here.

After thoroughly consulting Symfony's docs about configuring my Shopware application behind a load balancer, I am still unable to figure out exactly why the generated urls are using HTTP only when using FrankenPHP's worker mode. I have debugged locally to confirm that Shopware's kernel is acutally passed into the FrankenPHP runtime.

I've also made sure that my application receives the X-Forwarded-For and X-Forwarded-Proto headers by the Google Cloud Load Balancer.

Some help would be greatly appriciated!

7-zete-7 commented 1 day ago

Hi @dfsoeten!

I encountered the same problem today. Thank you very much! Your message helped me start digging in the right direction.

In my case, the problem was in Caddy not trusting the proxies above (see https://caddyserver.com/docs/caddyfile/directives/reverse_proxy#defaults). Adding the trusted_proxies option solved the problem. It might be a solution for you too.

dfsoeten commented 9 hours ago

Hey, thanks for your reply.

I don't see how this solves the issue. Primarly because FrankenPHP works as expected when not running in worker mode. To me it seems that confirms my configuration (FrankenPHP, Google Cloud LB, Symfony) have been configured properly.

Just in case I gave it a shot by configuring the following environment variable: CADDY_GLOBAL_OPTIONS and set it to servers { \n trusted_proxies static private_ranges \n } to trust all private ranges as per Caddy docs. This doesn't solve my issue.

Thanks regardless for your input! I'm open to any further ideas.