I’m working on a Phoenix app that I want to deploy to an Alpine Linux VPS that only supports IPv6. I’ve had to muddle through the setup procedure (which I’ll document at some point) but I’ve seemingly hit a roadblock near the end: I can’t seem to make external API requests without running into an :enetureach error from Req. Outside of the app, I can ping the URLs and receive a response, but the app can’t seem to find them.
I’ve followed this guide to set up networking, DNS, fail2ban, ip6tables, NAT64, and nginx with IPv6-only and CloudFlare. I’ve modified the nginx config to create a proxy to localhost:4000 and get websockets working. I have set up all the environment variables specified in the configuration, as well as the API keys I need for the calls. The web pages just fine, and the on-device database works, but I can’t call external APIs. I have basically no experience with networking so I figured this would be a good challenge for me to learn more about it, but I’m a bit stuck here. I have tried turning disabling individual services (ip6tables, eliminating some of the rules in my nginx config), but I’ve had no luck so far. I get that it’s a networking issue, but there appear to be a lot of moving parts around that. Does anyone have any ideas on how to fix this? Let me know if any additional config files, scripts, etc. would be helpful to help find the problem.
Additional info: I can make the same API requests with curl without any issues. So I don’t think it’s a problem with any firewall or networking, since I can still access the data from maybe it’s just a problem with the nginx configuration? Or something with the elixir app config?
For future reference: I store compile_env() in my application’s configuration, i.e. config :my_app, env: compile_env(). Then, when I’m forming a new request using Req, I do:
I was able to get one of my API connections working; the other (Backblaze B2) does not support IPv6 yet, but they will in September, so I’ll find a workaround until then.
I‘d suggest turning the dependency around. Instead of your code depending on knowing the env the code should expose a configuration like config :myapp, request_using_ipv6: …, which you happen to set to true in your config depending on the env. That way those settings become more flexible to be controlled without affecting the codebase itself.
That makes a lot of sense, yeah. Probably easier to just set a bunch of flags in config/config.exs and switch them in different environments as necessary.
