dmarcoux

dmarcoux

Deploying a Phoenix app on Fly.io with DNS on Cloudflare

Hey,

I have deployed a Phoenix app on Fly.io and my DNS settings are on Cloudflare. For this, I created A and AAAA records on my domain for the IP addresses from flyctl ips list. Those records are proxied by Cloudflare. The Phoenix app is running perfectly fine when accessed at the URL provided by Fly.io. However when accessed from my custom domain, it results in a 520 HTTP error. Do I need to change something in the Phoenix app configuration for this to work?

Most Liked

PJUllrich

PJUllrich

Author of Building Table Views with Phoenix LiveView

I ran into the same issue today and just wanted to share my steps to set this up successfully:

  1. Add domain to Cloudflare.
  2. Run fly certs add mydomain.com
  3. Set the A and AAAA records shown in Cloudflare DNS.
  4. (Optional) Check that the CNAME www mydomain.com record exists in Cloudflare DNS. Create it otherwise.
  5. Disable the proxied (orange cloud) option for all these records.
  6. (Maybe, not sure whether necessary) Disable Universal SSL in Cloudflare because it might otherwise block the certificate acme verification challenge.
  7. Wait until fly certs show mydomain.com shows that your certificate was created successfully.
  8. Check that you can reach your website at mydomain.com :tada:
  9. Enable the proxied (orange cloud) option for your three DNS records again (A, AAAA, and CNAME).
  10. Set the SSL/TLS encryption mode to Full (strict)
  11. Enable Universal SSL again.
  12. Wait maybe 30s and check your website again. Hopefully it works now!

If not, these are possible troubleshooting steps:

  1. Disable the proxied/orange cloud, wait 30s and see whether it works now.
    • If yes, then at least your Fly.io certificates were issued correctly.
  2. Disable Universal SSL in Cloudflare. This option likes to interfere with the Fly.io certificate creation.
    • Enable this option again once your certificate was issued and populated through the network. You can check this at e.g. https://dnschecker.org/
  3. Set the SSL/TLS Encryption to flexible.
    • I’ve no clue what this does but sometimes it fixes the issue. So, try this and see whether it helps, but eventually, you should set this to Full (strict).

Tools and Threads that helped (in no particular order)

dmarcoux

dmarcoux

I have found what was wrong. I had to put the SSL/TLS encryption mode to Full in the SSL/TLS settings for my domain. Hopefully this helps someone else in the future.

Where Next?

Popular in Questions Top

skosch
To my knowledge, put_in, Map.update etc. all have the one limitation of not automatically creating intermediate keys when needed (for exa...
New
myronmarston
The Elixir Typespec docs show the following syntax for keyword lists in typespecs: # ... | [key: type] # keyword lists...
New
tduccuong
Hi, is there any work on GUI with Elixir, that is similar to Electron/Javascript? My idea is to bundle Phoenix and BEAM into a single se...
New
JorisKok
I have a server on AWS, and was running a load test using artillery. When looking at the Phoenix dashboard I see the Ports going to 100% ...
New
jaysoifer
Is there a way to rollback a specific migration and only that one (“skipping” all the other ones)? Would mix ecto.rollback -v 200809061...
New
baxterw3b
Hi guys, i’m new in the Elixir world, and i have to say, that i love it! i’m having some problem to understand anonymous functions with ...
New
alice
Hey, Just curious what are the main benefits of Elixir compared to Clojure? When is Elixir more useful than Clojure and vice versa? Th...
New
Brian
What is the proper way to load a module from a file in to IEX? In the python world, doing something like this pretty standard: from ....
New
WestKeys
Currently suffering from paralysis by [HTTP client] analysis. This is rather unusual in Elixirland as there tends to be consensus on the ...
New
svb
Hi! Currently I want to submit a form by pressing the Enter key. However, since my input field is of type “textarea” this is just adds a...
New

Other popular topics Top

New
TunkShif
This post is an instruction guide to help you setup your Neovim for Elixir development from scratch. It includes general information on h...
274 41539 114
New
hariharasudhan94
lets say i have a sample like a = 20; b = 10; if (a > b) do {:ok, "a"} end if (a < b) do {:ok, b} end if (a == b) do {:ok, "equa...
New
jaysoifer
Is there a way to rollback a specific migration and only that one (“skipping” all the other ones)? Would mix ecto.rollback -v 200809061...
New
baxterw3b
Hi guys, i’m new in the Elixir world, and i have to say, that i love it! i’m having some problem to understand anonymous functions with ...
New
vrod
I am using the Starship cross-shell prompt – it seems pretty nice, but I get some errors: [WARN] - (starship::utils): Executing command ...
New
sergio_101
I am VERY much an elixir newbie. I have taken one elixir course and one phoenix course on Udemy. During that course, I saw the instructor...
New
KronicDeth
Elixir plugin for JetBrain’s IntelliJ Platform (including Rubymine) This is a plugin that adds support for Elixir to JetBrains IntelliJ...
289 36128 110
New
dogweather
I wrote this comment on r/haskell, and it’s not popular there. :wink: But I think I’m on to something… Haskell reminds me of Java, and e...
New
jononomo
For some reason my phoenix channels are working for me in my local dev environment, but as soon as I deploy via Docker, I get a 403 error...
New

We're in Beta

About us Mission Statement