Closed viktorsmari closed 4 years ago
@viktorsmari one thing to check here I'm not entirely sure. You usually do SSL on NGINX to reduce the impact on your app layer (rails). Shouldn't we avoid enabling SSL on rails?
I read about it here and it looks like is not actually adding the SSL layer, it just looks like it tells the app it will be served over SSL and sets the correct headers, protocols, etc... isn't, it?
https://stackoverflow.com/questions/15676596/what-does-force-ssl-do-in-rails
Was causing http urls instead of https. see: https://github.com/fablabbcn/smartcitizen-api/issues/166
Solution is to force use SSL, and forward it from Nginx to the container See more: https://github.com/rails/rails/issues/22965
If this works without problems, we can also update the auth container to use
force_ssl = true