| [03:06:16] | * farmBOT has joined #farmos |
| [10:08:13] | <symbioquine[m]> | <mstenta[m]> "I figured it out... it was..." <- You needed a hairpin NAT rule right? |
| [10:09:13] | <mstenta[m]> | Never heard of that! 😅 |
| [10:09:18] | <symbioquine[m]> | https://en.wikipedia.org/wiki/Network_address_translation#NAT_hairpinning |
| [10:11:56] | <mstenta[m]> | In my case, ultimately I just needed to add an explicit UFW allow rule for 80 and 443 ports. They aren't necessary generally because Docker injects its own iptables rules ahead of UFW's for any ports that containers are exposing. In this case, since the request was originating from within a container on the same host, I guess that wasn't covered by Docker's rules. So I needed to allow it more generally. |
| [10:12:36] | <mstenta[m]> | (I also have a general "deny all" rule in UFW... that's what was ultimately blocking the request) |
| [10:14:33] | <symbioquine[m]> | Ah 😅 |
| [10:14:50] | <mstenta[m]> | Yep... silly simple... |
| [10:15:04] | <mstenta[m]> | Just never needed it to work before! |
| [10:16:17] | <mstenta[m]> | I'm experimenting with DOMPDF for producing PDFs in farmOS. And that needs to be able to pull in images/CSS files using remote URLs... which in this case means making requests to its own domain. So that's how I discovered this wasn't working. |
| [10:16:45] | <mstenta[m]> | Ultimately I should add loopback lines to �/etc/hosts� so that it doesn't need to make the request to the public network... |
| [10:17:59] | <mstenta[m]> | This is all good learning if/when we want to try something similar in farmOS core for producing PDFs |
| [10:18:17] | <mstenta[m]> | There are other options with DOMPDF to avoid remote requests, but that's the default/easiest |
| [10:51:57] | <symbioquine[m]> | Yeah, seems hard to avoid some http requests unless you can get Drupal/Symphony to inline absolutely everything with `Request::create`/`httpKernel->handle(`... |
| [10:54:31] | <symbioquine[m]> | Which would be fragile to many forms of customization |