chart icon indicating copy to clipboard operation
chart copied to clipboard
verified publisher icon mastodon

[ActionDispatch::HostAuthorization::DefaultResponseApp] Blocked host: XXX

Open vmptk opened this issue 2 years ago • 1 comments

Mastodon web logs are full of blocking log entries:

[ActionDispatch::HostAuthorization::DefaultResponseApp] Blocked host: 10.1.149.159
[ActionDispatch::HostAuthorization::DefaultResponseApp] Blocked host: 10.1.145.207
[ActionDispatch::HostAuthorization::DefaultResponseApp] Blocked host: 10.1.154.2
[ActionDispatch::HostAuthorization::DefaultResponseApp] Blocked host: 10.1.174.212

Those addresses are the K8S node assigned private addresses. The whole subnet had been added in env variables:

  • TRUSTED_PROXY_IP : 10.0.0.0/8,
  • ALLOWED_PRIVATE_ADDRESSES : 10.0.0.0/8,

Any ideas on how to resolve that issue?

vmptk avatar Mar 17 '23 10:03 vmptk

Adding the following environment variable worked for me - seems the docker container will only accept requests from LOCAL_DOMAIN:

  extraEnvVars:
    LOCAL_DOMAIN: your.domain.example.com

ndebuhr avatar Feb 23 '24 02:02 ndebuhr