Open virdb opened 1 month ago
Try ALLOWED_HOSTS=[\"*\"]
in your local.env
file.
I did, but unsuccessfully.
This is what I found in the log of archyve-archyve-1:
I, [2024-09-18T07:23:12.216652 #62] INFO -- : [f29be021-4264-4811-999d-a3e4a94c2e70] Started GET "/" for 192.168.3.222 at 2024-09-18 07:23:12 +0000
I, [2024-09-18T07:23:37.773307 #34] INFO -- : [ce1d62c2-9adb-4b7c-8ea1-04155ba5220b] Started GET "/" for 192.168.3.222 at 2024-09-18 07:23:37 +0000
I, [2024-09-18T07:23:58.901556 #62] INFO -- : [f29be021-4264-4811-999d-a3e4a94c2e70] Processing by CollectionsController#index as HTML
I, [2024-09-18T07:23:58.901571 #34] INFO -- : [ce1d62c2-9adb-4b7c-8ea1-04155ba5220b] Processing by CollectionsController#index as HTML
I, [2024-09-18T07:24:04.180216 #34] INFO -- : [ce1d62c2-9adb-4b7c-8ea1-04155ba5220b] Completed 401 Unauthorized in 5155ms (ActiveRecord: 0.0ms | Allocations: 2294)
I, [2024-09-18T07:24:04.180207 #62] INFO -- : [f29be021-4264-4811-999d-a3e4a94c2e70] Completed 401 Unauthorized in 5155ms (ActiveRecord: 0.0ms | Allocations: 2294)
I, [2024-09-18T07:24:06.845087 #34] INFO -- : [c01d3276-18d6-4722-ae2d-11ac66de2e80] Started GET "/" for 192.168.3.222 at 2024-09-18 07:24:06 +0000
I, [2024-09-18T07:24:07.008232 #34] INFO -- : [c01d3276-18d6-4722-ae2d-11ac66de2e80] Processing by CollectionsController#index as HTML
I, [2024-09-18T07:24:07.124047 #34] INFO -- : [c01d3276-18d6-4722-ae2d-11ac66de2e80] Completed 401 Unauthorized in 116ms (ActiveRecord: 0.0ms | Allocations: 731)
I, [2024-09-18T07:24:09.521661 #34] INFO -- : [a1870165-c6c3-4ed9-8c45-50ba2c2d744d] Started GET "/users/sign_in" for 192.168.3.222 at 2024-09-18 07:24:09 +0000
I, [2024-09-18T07:24:10.181405 #34] INFO -- : [a1870165-c6c3-4ed9-8c45-50ba2c2d744d] Processing by Devise::SessionsController#new as HTML
I, [2024-09-18T07:24:25.585651 #34] INFO -- : [a1870165-c6c3-4ed9-8c45-50ba2c2d744d] Rendered layout layouts/application.html.erb (Duration: 4368.3ms | Allocations: 4501)
I, [2024-09-18T07:24:25.783197 #34] INFO -- : [a1870165-c6c3-4ed9-8c45-50ba2c2d744d] Completed 200 OK in 15553ms (Views: 7730.8ms | ActiveRecord: 193.6ms | Allocations: 25249)
I, [2024-09-18T07:24:35.812979 #34] INFO -- : [e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] Started POST "/users/sign_in" for 192.168.3.222 at 2024-09-18 07:24:35 +0000
I, [2024-09-18T07:24:36.218976 #34] INFO -- : [e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] Processing by Devise::SessionsController#create as TURBO_STREAM
I, [2024-09-18T07:24:36.219124 #34] INFO -- : [e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] Parameters: {"authenticity_token"=>"[FILTERED]", "user"=>{"email"=>"admin@archyve.io", "password"=>"[FILTERED]", "remember_me"=>"true"}, "commit"=>"Sign in"}
W, [2024-09-18T07:24:36.624243 #34] WARN -- : [e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] HTTP Origin header (http://192.168.1.4) didn't match request.base_url (http://192.168.1.4:3300)
I, [2024-09-18T07:24:37.033260 #34] INFO -- : [e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] Completed 422 Unprocessable Entity in 794ms (ActiveRecord: 0.0ms | Allocations: 961)
E, [2024-09-18T07:24:37.270424 #34] ERROR -- : [e0b2cede-71bc-4f1d-9c7a-45133d9f37dc]
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] ActionController::InvalidAuthenticityToken (HTTP Origin header (http://192.168.1.4) didn't match request.base_url (http://192.168.1.4:3300)):
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc]
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_controller/metal/request_forgery_protection.rb:293:in `handle_unverified_request'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_controller/metal/request_forgery_protection.rb:388:in `handle_unverified_request'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] devise (4.9.3) lib/devise/controllers/helpers.rb:255:in `handle_unverified_request'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_controller/metal/request_forgery_protection.rb:377:in `verify_authenticity_token'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/callbacks.rb:403:in `block in make_lambda'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/callbacks.rb:202:in `block (2 levels) in halting'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/abstract_controller/callbacks.rb:34:in `block (2 levels) in <module:Callbacks>'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/callbacks.rb:203:in `block in halting'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/callbacks.rb:598:in `block in invoke_before'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/callbacks.rb:598:in `each'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/callbacks.rb:598:in `invoke_before'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/callbacks.rb:119:in `block in run_callbacks'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] turbo-rails (2.0.5) lib/turbo-rails.rb:24:in `with_request_id'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] turbo-rails (2.0.5) app/controllers/concerns/turbo/request_id_tracking.rb:10:in `turbo_tracking_request_id'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/callbacks.rb:130:in `block in run_callbacks'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] audited (5.6.0) lib/audited/sweeper.rb:16:in `around'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/callbacks.rb:130:in `block in run_callbacks'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] audited (5.6.0) lib/audited/sweeper.rb:16:in `around'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/callbacks.rb:130:in `block in run_callbacks'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actiontext (7.1.3.2) lib/action_text/rendering.rb:23:in `with_renderer'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actiontext (7.1.3.2) lib/action_text/engine.rb:69:in `block (4 levels) in <class:Engine>'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/callbacks.rb:130:in `instance_exec'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/callbacks.rb:130:in `block in run_callbacks'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/callbacks.rb:141:in `run_callbacks'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/abstract_controller/callbacks.rb:258:in `process_action'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_controller/metal/rescue.rb:25:in `process_action'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_controller/metal/instrumentation.rb:74:in `block in process_action'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/notifications.rb:206:in `block in instrument'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/notifications/instrumenter.rb:58:in `instrument'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/notifications.rb:206:in `instrument'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_controller/metal/instrumentation.rb:73:in `process_action'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_controller/metal/params_wrapper.rb:261:in `process_action'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activerecord (7.1.3.2) lib/active_record/railties/controller_runtime.rb:32:in `process_action'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/abstract_controller/base.rb:160:in `process'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionview (7.1.3.2) lib/action_view/rendering.rb:40:in `process'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_controller/metal.rb:227:in `dispatch'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_controller/metal.rb:309:in `dispatch'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/routing/route_set.rb:49:in `dispatch'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/routing/route_set.rb:32:in `serve'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/routing/mapper.rb:21:in `block in <class:Constraints>'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/routing/mapper.rb:51:in `serve'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/journey/router.rb:51:in `block in serve'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/journey/router.rb:131:in `block in find_routes'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/journey/router.rb:124:in `each'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/journey/router.rb:124:in `find_routes'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/journey/router.rb:32:in `serve'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/routing/route_set.rb:882:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] rack-pjax (1.1.0) lib/rack/pjax.rb:12:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] warden (1.2.9) lib/warden/manager.rb:36:in `block in call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] warden (1.2.9) lib/warden/manager.rb:34:in `catch'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] warden (1.2.9) lib/warden/manager.rb:34:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] rack (3.0.9.1) lib/rack/tempfile_reaper.rb:20:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] rack (3.0.9.1) lib/rack/etag.rb:29:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] rack (3.0.9.1) lib/rack/conditional_get.rb:43:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] rack (3.0.9.1) lib/rack/head.rb:15:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/http/permissions_policy.rb:36:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/http/content_security_policy.rb:33:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] rack-session (2.0.0) lib/rack/session/abstract/id.rb:272:in `context'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] rack-session (2.0.0) lib/rack/session/abstract/id.rb:266:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/middleware/cookies.rb:689:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activegraph (11.5.0.beta.2) lib/active_graph/migrations/check_pending.rb:16:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/callbacks.rb:101:in `run_callbacks'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/middleware/callbacks.rb:28:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] sentry-rails (5.18.1) lib/sentry/rails/rescued_exception_interceptor.rb:9:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/middleware/debug_exceptions.rb:29:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] sentry-ruby (5.18.1) lib/sentry/rack/capture_exceptions.rb:15:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/middleware/show_exceptions.rb:31:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] railties (7.1.3.2) lib/rails/rack/logger.rb:37:in `call_app'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] railties (7.1.3.2) lib/rails/rack/logger.rb:24:in `block in call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/tagged_logging.rb:135:in `block in tagged'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/tagged_logging.rb:39:in `tagged'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/tagged_logging.rb:135:in `tagged'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] activesupport (7.1.3.2) lib/active_support/broadcast_logger.rb:240:in `method_missing'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] railties (7.1.3.2) lib/rails/rack/logger.rb:24:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/middleware/remote_ip.rb:92:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/middleware/request_id.rb:28:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] rack (3.0.9.1) lib/rack/method_override.rb:28:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] rack (3.0.9.1) lib/rack/runtime.rb:24:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/middleware/executor.rb:14:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] actionpack (7.1.3.2) lib/action_dispatch/middleware/static.rb:25:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] rack (3.0.9.1) lib/rack/sendfile.rb:114:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] railties (7.1.3.2) lib/rails/engine.rb:536:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] puma (6.4.2) lib/puma/configuration.rb:272:in `call'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] puma (6.4.2) lib/puma/request.rb:100:in `block in handle_request'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] puma (6.4.2) lib/puma/thread_pool.rb:378:in `with_force_shutdown'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] puma (6.4.2) lib/puma/request.rb:99:in `handle_request'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] puma (6.4.2) lib/puma/server.rb:464:in `process_client'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] puma (6.4.2) lib/puma/server.rb:245:in `block in run'
[e0b2cede-71bc-4f1d-9c7a-45133d9f37dc] puma (6.4.2) lib/puma/thread_pool.rb:155:in `block in spawn_thread'
192.168.1.4 is the address of the docker box where archyve is runnin on.
Interesting... I don't think this issue is caused by ALLOWED_HOSTS.
It looks like you were hitting /, getting redirected to /users/sign_in, then getting rejected. The API is under /v1, e.g. /v1/collections to list collections. You'll need to set the API auth headers if you haven't already.
Are you writing a client, trying to connect another, existing app, or something else?
Interesting... I don't think this issue is caused by ALLOWED_HOSTS.
It looks like you were hitting /, getting redirected to /users/sign_in, then getting rejected. The API is under /v1, e.g. /v1/collections to list collections. You'll need to set the API auth headers if you haven't already.
Are you writing a client, trying to connect another, existing app, or something else?
Just try to login into archyve web server from my laptop web browser pointing http://xxx.xxx.xxx.xxx:3300/
Ah, I see.
I have found a few other people with the same error in other apps, and in all cases they seem to be accessing the app through a reverse proxy, like NGINX.
Are you accessing Archyve through NGINX or another reverse proxy?
Ah, I see.
I have found a few other people with the same error in other apps, and in all cases they seem to be accessing the app through a reverse proxy, like NGINX.
Are you accessing Archyve through NGINX or another reverse proxy?
Actually not yet. I'directly connect via LAN address
I'm trying to reproduce, so I ran Archyve in the container on another machine, but I was able to connect without issue. I added the ALLOWED_HOSTS
entry I posted above and was still able to connect.
I've just cloned the repo and run docker compose up -d
on the other machine, and connected to http://192.168.1.20:3300
and http://othermachinehostname:3300
and had no issues.
I also had docker listen on :80 instead of :3300 so I could just type the URL without port into the address bar in a browser to see if that generated an issue, but everything still worked.
Questions:
In your browser, do you put http://192.168.1.4:3300
in the URL bar, or just http://192.168.1.4
? If the latter, what is taking a request on port 80 and mapping it to 3300 in the rails container?
Have you modified the compose file at all, or just run it as is on your docker box?
Are you starting the containers with docker compose up -d
, or using some orchestration software?
What browser are you using? The error logs complain about an Origin
header, but when I send a request in Firefox it's not sending that header at all.
@virdb Did you get it to work?
I noticed the new variable, but I don't understand how to use it to enable all hosts. I commented it out , but still no login is possible from outside.
How can I enable all hosts or subnets?
Thanks a lot and best regards