DNS s6-dnsip unable to resolve host

Phoenix
1

I haven’t noticed an issue when visiting or using our site, https://metamorphic.app.

However, some people have stated that they receive an error when using s6-dnsip to try and look up the dns info for the domain metamorphic.app:

s6-dnsip metamorphic.app
s6-dnsip: fatal: : unable to resolve metamorphic.app: no such domain

I was curious if this is a misconfiguration error on my end or something else? It’s an Elixir/Phoenix app and here is my runtime.exs configuration:

# Configure the canonical host for redirects.
  config :metamorphic, canonical_host: host

  config :metamorphic, MetamorphicWeb.Endpoint,
    url: [host: host, port: 443, scheme: "https"],
    force_ssl: [rewrite_on: [:x_forwarded_proto]],
    live_view: [
      signing_salt: System.get_env("LIVE_VIEW_SIGNING_SALT"),
      encryption_salt: System.get_env("LIVE_VIEW_ENCRYPTION_SALT")
    ],
    http: [
      # Enable IPv6 and bind on all interfaces.
      # Set it to  {0, 0, 0, 0, 0, 0, 0, 1} for local network only access.
      # See the documentation on https://hexdocs.pm/plug_cowboy/Plug.Cowboy.html
      # for details about using IPv6 vs IPv4 and loopback vs public addresses.
      ip: {0, 0, 0, 0, 0, 0, 0, 0},
      port: port
    ],
    secret_key_base: secret_key_base

  # Configure libcluster for clustering
  app_name =
    System.get_env("FLY_APP_NAME") ||
      raise "FLY_APP_NAME not available"

  config :libcluster,
    debug: true,
    topologies: [
      fly6pn: [
        strategy: Cluster.Strategy.DNSPoll,
        config: [
          polling_interval: 5_000,
          query: "#{app_name}.internal",
          node_basename: app_name
        ]
      ]
    ]

And my fly.toml:

# fly.toml app configuration file generated for metamorphic on 2023-07-19T17:58:18-04:00
#
# See https://fly.io/docs/reference/configuration/ for information about how to use this file.
#

app = "metamorphic"
primary_region = "bos"
kill_signal = "SIGTERM"

[deploy]
  release_command = "/app/bin/migrate"

[env]
  PHX_HOST = "metamorphic.app"
  PORT = "8080"
  PRIMARY_REGION="bos"
  RELEASE_COOKIE="1a3LEqcIUmDIK-GNMeH1MQGRaNvnfIny4MSmqsk85kv7Zh1Z35tVgg=="

[[services]]
  protocol = "tcp"
  internal_port = 8080
  processes = ["app"]

  [[services.ports]]
    port = 443
    handlers = ["tls", "http"]
  [services.concurrency]
    type = "connections"
    hard_limit = 25
    soft_limit = 20

  [[services.tcp_checks]]
    interval = "15s"
    timeout = "2s"
    grace_period = "1s"
    restart_limit = 0

Oh also my env.sh.eex:

#!/bin/sh

# configure node for distributed erlang with IPV6 support
export ERL_AFLAGS="-proto_dist inet6_tcp"
export ECTO_IPV6="true"
export DNS_CLUSTER_QUERY="${FLY_APP_NAME}.internal"

ip=$(grep fly-local-6pn /etc/hosts | cut -f 1)
export RELEASE_DISTRIBUTION=name
export RELEASE_NODE=$FLY_APP_NAME@$ip
2

To follow up on this, I’ve got reports that people can’t connect to https://metamorphic.app on wifi on the US west coast but can connect to it on cellular.

I have updated endpoint:

@session_options [
    store: :cookie,
    path: "/",
    secure: true,
    http_only: true,
    key: "__Host-_metamorphic_key",
    signing_salt: {Metamorphic.Encrypted.Session, :signing_salt, []},
    encryption_salt: {Metamorphic.Encrypted.Session, :encryption_salt, []},
    same_site: "Lax"
  ]

runtime:

config :metamorphic, MetamorphicWeb.Endpoint,
    url: [host: host, port: 443, scheme: "https"],
    check_origin: [
      "//localhost",
      "//metamorphic.app",
      "//*.metamorphic.app"
    ],
    #force_ssl: [rewrite_on: [:x_forwarded_proto], host: nil, hsts: true],
    server_ip: System.get_env("METAMORPHIC_SERVER_IP"),
    live_view: [
      signing_salt: System.get_env("LIVE_VIEW_SIGNING_SALT"),
      encryption_salt: System.get_env("LIVE_VIEW_ENCRYPTION_SALT")
    ],
    http: [
      # Enable IPv6 and bind on all interfaces.
      # Set it to  {0, 0, 0, 0, 0, 0, 0, 1} for local network only access.
      # See the documentation on https://hexdocs.pm/plug_cowboy/Plug.Cowboy.html
      # for details about using IPv6 vs IPv4 and loopback vs public addresses.
      ip: {0, 0, 0, 0, 0, 0, 0, 0},
      port: port
    ],
    secret_key_base: secret_key_base

fly.toml:

app = "metamorphic"
primary_region = "bos"
kill_signal = "SIGTERM"

[deploy]
  release_command = "/app/bin/migrate"

[env]
  PHX_HOST = "metamorphic.app"
  RELEASE_COOKIE="1a3LEqcIUmDIK-GNMeH1MQGRaNvnfIny4MSmqsk85kv7Zh1Z35tVgg=="

[http_service]
  internal_port = 8080
  force_https = true
  auto_stop_machines = true
  auto_start_machines = true
  min_machines_running = 0
  [http_service.concurrency]
    type = "requests"
    soft_limit = 2000
    hard_limit = 2500

and env.sh.eex:

# configure node for distributed erlang with IPV6 support
export ERL_AFLAGS="-proto_dist inet6_tcp"
export ECTO_IPV6="true"
export DNS_CLUSTER_QUERY="${FLY_APP_NAME}.internal"

ip=$(grep fly-local-6pn /etc/hosts | cut -f 1)
export RELEASE_DISTRIBUTION=name
export RELEASE_NODE=$FLY_APP_NAME@$ip
export METAMORPHIC_SERVER_IP=$ip

and docker file:

# Find eligible builder and runner images on Docker Hub. We use Ubuntu/Debian
# instead of Alpine to avoid DNS resolution issues in production.
#
# https://hub.docker.com/r/hexpm/elixir/tags?page=1&name=ubuntu
# https://hub.docker.com/_/ubuntu?tab=tags
#
# This file is based on these images:
#
#   - https://hub.docker.com/r/hexpm/elixir/tags - for the build image
#   - https://hub.docker.com/_/debian?tab=tags&page=1&name=bullseye-20230612-slim - for the release image
#   - https://pkgs.org/ - resource for finding needed packages
#   - Ex: hexpm/elixir:1.15.2-erlang-26.0.2-debian-bullseye-20230612-slim
#
ARG ELIXIR_VERSION=1.15.2
ARG OTP_VERSION=26.0.2
ARG DEBIAN_VERSION=bullseye-20230612-slim

ARG BUILDER_IMAGE="hexpm/elixir:${ELIXIR_VERSION}-erlang-${OTP_VERSION}-debian-${DEBIAN_VERSION}"
ARG RUNNER_IMAGE="debian:${DEBIAN_VERSION}"

FROM ${BUILDER_IMAGE} as builder

# install build dependencies
RUN apt-get update -y && apt-get install -y build-essential git \
  && apt-get install -y libsodium-dev && apt install -y libvips-dev && apt-get clean && rm -f /var/lib/apt/lists/*_*

# prepare build dir
WORKDIR /app

# install hex + rebar
RUN mix local.hex --force && \
    mix local.rebar --force

# set build ENV
ENV MIX_ENV="prod"

# install mix dependencies
COPY mix.exs mix.lock ./
RUN mix deps.get --only $MIX_ENV
RUN mkdir config

# copy compile-time config files before we compile dependencies
# to ensure any relevant config change will trigger the dependencies
# to be re-compiled.
COPY config/config.exs config/${MIX_ENV}.exs config/
RUN mix deps.compile

COPY priv priv

COPY lib lib

COPY assets assets

# compile assets
RUN mix assets.deploy

# Compile the release
RUN mix compile

# Changes to config/runtime.exs don't require recompiling the code
COPY config/runtime.exs config/

COPY rel rel
RUN mix release

# start a new build stage so that the final image will only contain
# the compiled release and other runtime necessities
FROM ${RUNNER_IMAGE}

RUN apt-get update -y && apt-get install -y libstdc++6 openssl libncurses5 libsodium-dev locales \
  && apt install -y libvips-dev && apt-get clean && rm -f /var/lib/apt/lists/*_*

# Set the locale
RUN sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && locale-gen

ENV LANG en_US.UTF-8
ENV LANGUAGE en_US:en
ENV LC_ALL en_US.UTF-8

WORKDIR "/app"
RUN chown nobody /app

# set runner ENV
ENV MIX_ENV="prod"

# Only copy the final release from the build stage
COPY --from=builder --chown=nobody:root /app/_build/${MIX_ENV}/rel/metamorphic ./

USER nobody

# Set the runtime ENV
ENV ECTO_IPV6="true"
ENV ERL_AFLAGS="-proto_dist inet6_tcp"

CMD ["/app/bin/server"]

Really running around in circles on this one. Any help, much appreciated, thank you :heart:

4

When I connect over IPv4, it doesn’t load. IPv6 works fine.

❯ curl -4v https://metamorphic.app
* processing: https://metamorphic.app
*   Trying 66.241.125.253:443...
* Connected to metamorphic.app (66.241.125.253) port 443
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: none
* Recv failure: Connection reset by peer
* OpenSSL SSL_connect: Connection reset by peer in connection to metamorphic.app:443 
* Closing connection
curl: (35) Recv failure: Connection reset by peer

Can you double-check your A record?

1 Like
5

Thank you!! Old value in A record was my issue. Thank you so much :heart:

1 Like