I’m having some trouble setting up a Cloudflare proxy with Fly.io as the origin server. To make a long story short, I have our small app deployed at https://dwylapp.fly.dev/. However, when trying to create a proxy in Cloudflare (https://app.dwyl.com/), we are getting an ERR_TOO_MANY_REDIRECTS error in the browser.
This is quite weird because we have apps deployed to Fly.io that work fine with Cloudflare as a proxy (e.g. our auth app, which you will see in the screenshots below).
we’ve tried changing the SSL/TLS encryption mode in Cloudflare’s dashboard from Flexible to Full. However, when we try to do this, instead of ERR_TOO_MANY_REDIRECTS error, we get an SSL handshake failed error. And unfortunately, when we do this, our working app auth that we’ve previously mentioned also stops working.
And that’s what we’ve tried so far. We’ve gone over Cloudflare’s Troubleshooting Docs for this error and they state “it’s commonly caused by a misconfiguration in SSL/TLS Encryption mode” (which we’ve tried to change).
Have any of you ever faced this problem when deploying a Flutter Web App? It’s a simple Static Website that does not yet have any navigation, so it’s most likely a problem with Fly.io’s default configuration of the server. But we’re having some trouble finding what exactly.
So our question is: does anyone else in the Fly.io community/team have experience with configuring subdomains for static websites (which is all our Flutter Web App is …)?
Has anyone experienced this redirect issue before?
With force_https enabled in your fly.toml, it can’t respond to HTTP connections either. Your admin app doesn’t have force_https enabled, so Cloudflare is making plaintext connections to it.
I looked at your github thread, and you did try to create a TLS certificate for your domain on Fly. It didn’t work because our certificate manager checks the DNS records to see if your domain is set up correctly, and Cloudflare’s “proxied” records replace the values you set to point to their proxy.
If you do want to keep the Cloudflare proxy, I think you can use TXT record verification, but I’m not sure if we have that set up for single subdomains or only wildcards. I’ll check and let you know!