Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUG]: CORS /graphql letsencrypt #348

Open
unusualevent opened this issue May 5, 2024 · 4 comments
Open

[BUG]: CORS /graphql letsencrypt #348

unusualevent opened this issue May 5, 2024 · 4 comments

Comments

@unusualevent
Copy link

Describe the bug
The graphql API is served over 3000 instead of proxied via the front/nginx container, various shenanigans ensue

To Reproduce
Steps to reproduce the behavior:

  1. Follow the setup instructions
  2. Adjust the LAGO_FRONT_URL and LAGO_API_URL to be something sensible that isn't localhost
  3. either the front, or the API, aren't really in sync with the right CORS headers
  4. See error

Expected behavior
I... I mean I expect that if it's a frontend that the port of the static javascript and the API itself match. that's... also a basic web standard? it's part of how CORS matching... works?

You can do that like this, probably:

location /graphql {
 proxy_pass http://api:3000;
}

(I have no idea why this isn't the default)

Changing the docs so that LAGO_API_URL is understood as something that needs to be changed

More explanation over whether either variable is supposed to include the protocol https://, the port, and a trailing slash (you have two issues that are contradictory on this and docs that are vague-ish) ((maybe this is a weird quirk of your web framework??))

Screenshots
Could get them? It's similar to the other CORS problems. I suspect one container or another isn't loading .env's? or is using defaults?

Support

  • OS: Mac
  • Browser Firefox
  • Version 125

Additional context
I like trains and web standards <3

@jdenquin
Copy link
Contributor

Hello @unusualevent

Sorry for the delay here.
Well, our documentation about serving SSL with the basic configuration is a bit old and we do not maintain it... That's a shame.
We'll work on a new one, serving everything with Traefik.

Do you use a single domain to run Lago?

@unusualevent
Copy link
Author

@jdenquin I was trying to serve all of Lago from the same domain, yes. I think I was thinking about proxying through Caddy, if possible I'd like it if they all went through the same port so that CORS worked.

@unusualevent
Copy link
Author

I know that some other apps have like their own internal nginx router container, as another example. that way you can pick and choose your outside ssl termination.

443:443 (caddy/traefik/nginx/whatever) -> router_container:80 (not occupying that port on the host) -> route to the two containers

or at least the demo itself should route everything through the same domain and port, or should have the correct CORS headers.

the lack of a good way to run it securely made me not want to use Lago because the self hosting would be far too much trouble (and that's saying something, I'm willing to put up with a lot of trouble self hosting things). the pricing was also astronomical if I wanted you to handle it for me.

@jdenquin
Copy link
Contributor

jdenquin commented Jul 7, 2024

I understand your bad experience @unusualevent , feel free to join the Slack Community and ask for any help around it.
Using the same domain actually is not something we recommend, it's better to use subdomains for both services (front and api)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants