Unwanted redirects to localhost

[Northernside]

I've tried to setup Accent and I think I got it somewhat right (can't know because your docs either aren't updated or just barely finished.. or both? it's just not user/developer friendly, that's something I can tell), I believe. The problem now is, that I've setup an A record for translate.ebio.gg which points towards my server and the server is a Nginx reverse proxy. This is my configuration:

Yet, when accessing https://translate.ebio.gg, it just redirects the browser to localhost. Is there any reason why and any way for fixing this?

Accesing the localhost:4000 web server on the same machine seems to actually return data.

This is the Docker log:

[simonprev]

Hello! What’s your CANONICAL_URL in your env var? All the necessary config are documented here: https://github.com/mirego/accent?tab=readme-ov-file#production-setup

From what I can tell you will need CANONICAL_URL=https://translate.ebio.gg

[Northernside]

Hello there, my CANONICAL_URL is set to https://translate.ebio.gg. This is my entire environment variables configuration:

Are all of the ones from https://github.com/mirego/accent?tab=readme-ov-file#production-setup fully required?

[simonprev]

I think your env var are not loaded correctly since the log should show the full URL here:

[info] Running Accent.Endpoint with Bandit 1.1.0 at 0.0.0.0:4000 (http)
[info] Access Accent.Endpoint at https://afdh9f20-asdoh.ngrok.io

If you are statring it with docker compose, the environment is not read from the .env file, it is declared directly in the yaml file. This could be improved in the documentation. A PR is welcome!

[RappyTV]

Maybe also dont put https:// before the canonical url. That broke my instance

[Northernside]

I think your env var are not loaded correctly since the log should show the full URL here:

[info] Running Accent.Endpoint with Bandit 1.1.0 at 0.0.0.0:4000 (http)
[info] Access Accent.Endpoint at https://afdh9f20-asdoh.ngrok.io

If you are statring it with docker compose, the environment is not read from the .env file, it is declared directly in the yaml file. This could be improved in the documentation. A PR is welcome!

Am I doing something wrong again or not? I tried to port the vars from .env to the docker-compose.yml.

[RappyTV]

@Northernside you misspellt CANONICAL xd

[Northernside]

oh my fucking god ... idk what to say 😭

[Northernside]

okay well, it does show me the correct url now, but it still redirects to localhost :p

[RappyTV]

i don't think that this is the problem but it will solve a problem later. try to remove the https:// in the canonical url. that solved the problem for me

[Northernside]

Well, now it shows localhost:4000 again.

Strangely enough, I can access the website through the direct ip + port but not when using a domain proxied through Cloudflare and then through Nginx.

[RappyTV]

Yes it shows that on my machine too

[RappyTV]

But it works

[simonprev]

By removing the https:// the canonical is invalid so it does not enforce a URL 😄 That’s why it works.

[RappyTV]

oh lmao. well if I didn't remove the https:// I would just get a too much redirects error

[RappyTV]

turns out http:// works

[remi]

Yes indeed, because SSL is enforced if the canonical URI is using https.

https://github.com/mirego/accent/blob/master/config/runtime.exs#L23

[remi]

If you’re using nginx to handle the TLS stuff, the Elixir application should not be handling it too.

[remi]

However, if nginx is handling the TLS termination and passing the X-Forwarded-Proto to the Elixir application, CANONICAL_URL=https://… should work.

https://github.com/mirego/accent/blob/master/lib/accent/endpoint.ex#L50

[Northernside]

This is my Cloudflare:

it passes translate.ebio.gg to server X and server X is a Nginx server which then passes it to 127.0.0.1:4000, as seen here:

127.0.0.1:4000 is Accent and it's configuration is this:

cURL'ing both http and https:

Maybe this clarifies a bit more of my current issue/situation. Do you know any way on how I can prevent it from redirecting to localhost?

Changing the CANONICAL_URL from https://translate.ebio.gg to http://translate.ebio.gg does not change anything in terms of behaviour, as seen here again:

Also explicitly setting FORCE_SSL to false has no effect on this behaviour.

[RappyTV]

then you also have to change the https:// to http:// in the canonical url as remi said

[Northernside]

then you also have to change the https:// to http:// in the canonical url as remi said

Well.. 👀

[RappyTV]

ah i'm dumb and i can't read

[Northernside]

dont worry!

[simonprev]

Yeah FORCE_SSL is documented but not used in the codebase, that’s my bad 😄

[Northernside]

However, if nginx is handling the TLS termination and passing the X-Forwarded-Proto to the Elixir application, CANONICAL_URL=https://… should work.

https://github.com/mirego/accent/blob/master/lib/accent/endpoint.ex#L50

Tried that, nothing changed 👀

[Northernside]

Oh, funny thing: if I access https://translate.ebio.gg/ it returns me to https://localhost but if I access https://translate.ebio.gg/? (or any other query related input) it returns me to https://translate.ebio.gg/ AND serves the proper content. What? 😭

[Northernside]

Oh oops nevermind, it seems like it was just a silly cache on my side!

Thank you for all your help ❤️