How can I access to the SLL certificate file? My app config requires it
I have a bun app, that seems to require the full path to a certificate. Where could I get that ?
Thanks
53 Replies
Project ID:
N/A
Essentially I need to provide a path here
railway handles that for you, do not try to start an https server
Thanks Brody, so what am I supposed to return from the server file ?
just dont do any tls stuff, start a plain old http server
I have a werid issue where all HTTPS call get redirected to HTTP
can you give me a link to where i can see that behavior?
There it is https://castaway-production.up.railway.app
thats just a 404 though
Can't seem to reproduce from the browser, but the Bun app, thinks that request.url is http
so whenever url.origin is used, it output http instead of https
the bun app that you have deployed to railway thinks that the incoming requests are http?
correct
well because they are
your app would need to trust the proxy headers,
X-Forwarded-For
and X-Forwarded-Proto
X-Forwarded-Proto
would always be set to https
Any idea on how to do that ?
im sure bun has docs for that
looking it up
Does that look like the right place to do that ?
no?
Sorry I am lost. Is X-Forwarded-Proto: https a header I should add somewhere ?
do some research on trusting proxy headers
doesnt need to be in the context of bun, just in general so you get an understanding of what it means
God I hate devops 😄
Just for the quick tip, is that a header I should send from the client ?
always more stuff to learn eh?
no, railway's proxy sets the header, your bun app needs to read from it so that it knows the requests where made from https
here's a blurb from some express middleware for trusting the proxy headers
https://expressjs.com/en/guide/behind-proxies.html
Alright, will do some (more) research. Thanks a lot Brody !
Does that look like the right track ? https://hono.dev/middleware/builtin/secure-headers
Secure Headers Middleware - Hono
Ultrafast web framework for Cloudflare Workers, Fastly Compute, Deno, Bun, Vercel, Node.js, and others. Fast, but not only fast.
not at all
why does it even matter in your case that requests come in as http? is this posing some real problem?
Yes it does, a whole lot of headach
burnt the whole day on this
why does it matter if the incoming requests are http or https
As I understand it's the server that has to acknowlege that header right ?
Cause the client then send HTTP, which get redirected to HTTPS, which doesn't work for POST request
why is their any redirection?
the client should make https calls, not http calls
Railway does that no ?
not unless you are doing something wrong
http://castaway-production.up.railway.app/
That gets redirected no ? I am just spining up a container that works fine locally, no fancy config at all
why are you making requests with http
Because the library I am using, relies on Hono request data to create URLs for the client. If hono says that's HTTP, then all my links are HTTP
If you know farcaster, this is a setup for farcaster frames
okay now thats a good explanation
right so we are back to trusting the proxy headers
you figure out how to trust the proxy headers, then hono will see the request as https and make the correct URLs
But that's gotta be on Hono side right, if they don't have support for this then I am stucked ?
you can always write your own middleware that does this
So the idea is, request comes in, check the header, then somehow force Hono to acknowledge this as legitimate https
basically yeah, you are able to set values in the request object before hono comes into play, you read the protocol from the header and set the protocol in the request object in a middleware, then when hono comes into play it will read the protocol and create the correct URL
That makes. I got the first part down. I get the IP this way, so now I have to check thats its a valid domain (will worry about that later) then update the request, correct?
where do domains come into play here
also that middleware purely prints the IP, it doesn't actually set the IP in the request object
Yes, that's the missing bit I am tryiing to figure that out
Never mind the domain (sorry I am being thick here)
I haven't touched a container in years, I was hoping devops got easier since then
To be fair, Railway is awesome
haha this is just normal running your app behind a proxy stuff, I'm surprised there isn't a package to do this for you
express has a dead simple way of doing it that's literally one line
yea, no info whatsoever on the subject, it's crazy
Everything is read only on the request object 😦
Ok looks like that did it
okay now just read the value from the header and fallback to http if there is no header
got it, if x-forwarded-for is in there, the use https
Thanks a tone Brody, saved me hours for sure
if the header is there, then use the headers value
Right, this makes sense
if there's no header then don't do anything with it as the default value of http will be correct
yo thank you for the trains