| 13 Jan 2023 |
 @grahamc:nixos.org | * if you add a header to your request you can tweak it, like --header X-Forwarded-For "https://long.and.serious.domain.name/" (edited to fix the header name) | 17:43:04 |
 wucke13 | Doesn't that defeat the hole purpose of services.hydra.hydraURL? | 17:44:09 |
| wucke13 | (that as in this dynamic detection mechanism) | 17:44:40 |
| @grahamc:nixos.org | I'm not totally sure about the backstory there, but not quite. that base_uri argument is used in a few places and ways, and part of the reason is when code runs outside of a web request it sometimes needs to know the base URI of Hydra | 17:44:58 |
| wucke13 | In reply to @grahamc:nixos.org
if you add a header to your request you can tweak it, like --header X-Forwarded-For "https://long.and.serious.domain.name/" (edited to fix the header name) That by the way still doesn't work. | 17:47:33 |
| wucke13 | In reply to @grahamc:nixos.org
if you add a header to your request you can tweak it, like --header X-Forwarded-For "https://long.and.serious.domain.name/" (edited to fix the header name) * ~~That by the way still doesn't work.~~ hang on, whitesace error | 17:48:14 |
| @grahamc:nixos.org | ah, try this other header: | 17:48:15 |
| @grahamc:nixos.org | --header X-Forwarded-Host "long.and..." | 17:48:27 |
| wucke13 | Nope. | 17:49:38 |
| wucke13 | (I'm using curl --header 'X-Forwarded-Host "https://long.and.serious.domain.name/"' localhost:8008 | 17:49:58 |
| wucke13 | * (I'm using curl --header 'X-Forwarded-Host "https://long.and.serious.domain.name/"' localhost:8008) | 17:50:01 |
| @grahamc:nixos.org | ah, oops, I gave you the wrong syntax | 17:50:20 |
| @grahamc:nixos.org | curl --header X-Forwarded-Host: long.and... | 17:50:39 |
| wucke13 | Nope. Doesn't work. And without the quotation mark, curl tries to connect to long.and ... | 17:52:05 |
| wucke13 | But even with the quotation mark I get all kind of localhost in the response. | 17:52:28 |
| wucke13 | I have an older machine with the almost identical config. Was there maybe a switch introduced dependening on systemState? | 17:53:19 |
| @grahamc:nixos.org | ugh I just can't get it right can I | 17:56:33 |
| * @grahamc:nixos.org logs onto a hydra box so he can try it | 17:56:59 |
 K900 | It it now just Host: long.and.serious.domain.name? | 17:57:11 |
| K900 | * Is it not just Host: long.and.serious.domain.name? | 17:57:15 |
| K900 | That's what I'd expect anyway | 17:57:18 |
 ajs124 | just use recommendedproxyheaders or whatever that's called | 17:57:19 |
| wucke13 | In reply to @k900:0upti.me
Is it not just Host: long.and.serious.domain.name? Yes :) | 17:58:13 |
| @grahamc:nixos.org |
The X-Forwarded-For (XFF) request header is a de-facto standard header for identifying the originating IP address of a client connecting to a web server through a proxy server.
d'oh, that was the wrong one entirely
| 17:58:33 |
| wucke13 | grahamc (he/him): K900 thank you two 😄 | 17:58:30 |
| @grahamc:nixos.org | here are the headers we expect:
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Request-Base /hydra;
| 17:58:42 |
| @grahamc:nixos.org | so indeed just Host | 17:58:49 |
| @grahamc:nixos.org | sorry for the wildly misleading info :D | 17:58:56 |
| wucke13 | That works like a charm. Thank you for the snippet :) | 18:00:27 |
| @grahamc:nixos.org | https://github.com/NixOS/hydra/blob/master/doc/manual/src/configuration.md#serving-behind-reverse-proxy | 18:01:26 |
