fix force_ssl for pings

5bc80b5 · gmorell · 2026-06-10 21:27

1 files +11 -11

Files changed

modified config/prod.exs
+11 −11
@@ -7,17 +7,17 @@ import Config
7 7 # before starting your production server.
8 8 config :git_gud, GitGudWeb.Endpoint, cache_static_manifest: "priv/static/cache_manifest.json"
9 9
10 # Force using SSL in production. This also sets the "strict-security-transport" header,
11 # known as HSTS. If you have a health check endpoint, you may want to exclude it below.
12 # Note `:force_ssl` is required to be set at compile-time.
13 config :git_gud, GitGudWeb.Endpoint,
14 force_ssl: [
15 rewrite_on: [:x_forwarded_proto],
16 exclude: [
17 # paths: ["/health"],
18 hosts: ["localhost", "127.0.0.1"]
19 ]
20 ]
10 +# TLS termination + the http → https redirect happen at the Traefik
11 +# ingress, so Phoenix doesn't run `force_ssl` itself. Leaving it on
12 +# behind a proxy that doesn't reliably forward `X-Forwarded-Proto`
13 +# breaks the LiveView WebSocket: Plug.SSL sees the upgrade as plain
14 +# HTTP, returns a 301, and the browser drops the connection.
15 +#
16 +# If you ever serve directly without a TLS-terminating proxy, re-enable
17 +# this block:
18 +#
19 +# config :git_gud, GitGudWeb.Endpoint,
20 +# force_ssl: [rewrite_on: [:x_forwarded_proto]]
21 21
22 22 # Configure Swoosh API Client
23 23 config :swoosh, api_client: Swoosh.ApiClient.Req

Parents: c2956cc