BUG: `/health` endpoint intercepted by nginx — returns `text/plain` "healthy\n", not `application/json` #72

New issue

Closed

opened 2026-05-25 05:50:23 -04:00 by zgaetano · 0 comments

zgaetano commented

2026-05-25 05:50:23 -04:00

Owner

Bug

The nginx config in services/web-ui/nginx.conf has a dedicated /health location block:

location /health {
    access_log off;
    return 200 "healthy\n";
    add_header Content-Type text/plain;
}

This means ALL requests going through the web-ui reverse proxy (port 42423) to /health are served directly by nginx — never reaching the mam-api's app.get('/health', ...) handler which returns {"status":"ok"}.

The add_header line is also dead code — return directives execute before add_header, so Content-Type is never set. nginx's default is text/plain.

Impact

Any health checker expecting JSON will fail
Smoke test deploy/api-smoke.sh doesn't test /health but the discrepancy between the code and deployed behavior is confusing
The mam-api's intended /health response is unreachable through the proxy

Verification

$ curl -sv http://10.0.0.25:42423/health
< HTTP/1.1 200 OK
< Content-Type: text/plain
healthy

But directly hitting mam-api on port 45431:

$ curl -sv http://10.0.0.25:45431/health
< Content-Type: application/json
{"status":"ok"}

Location

services/web-ui/nginx.conf:80-83

Fix

Either:

Remove the nginx /health block to let it proxy through to mam-api
Or change it to return valid JSON: return 200 '{"status":"ok"}\n';

Additionally, the add_header line is a no-op after return — either use default_type application/json first, or remove the add_header.

## Bug The nginx config in `services/web-ui/nginx.conf` has a dedicated `/health` location block: ```nginx location /health { access_log off; return 200 "healthy\n"; add_header Content-Type text/plain; } ``` This means ALL requests going through the web-ui reverse proxy (port 42423) to `/health` are served directly by nginx — **never reaching the mam-api's `app.get('/health', ...)` handler** which returns `{"status":"ok"}`. The `add_header` line is also **dead code** — `return` directives execute before `add_header`, so `Content-Type` is never set. nginx's default is `text/plain`. ## Impact - Any health checker expecting JSON will fail - Smoke test `deploy/api-smoke.sh` doesn't test `/health` but the discrepancy between the code and deployed behavior is confusing - The mam-api's intended `/health` response is unreachable through the proxy ## Verification ``` $ curl -sv http://10.0.0.25:42423/health < HTTP/1.1 200 OK < Content-Type: text/plain healthy ``` But directly hitting mam-api on port 45431: ``` $ curl -sv http://10.0.0.25:45431/health < Content-Type: application/json {"status":"ok"} ``` ## Location `services/web-ui/nginx.conf:80-83` ## Fix Either: 1. Remove the nginx `/health` block to let it proxy through to mam-api 2. Or change it to return valid JSON: `return 200 '{"status":"ok"}\n';` Additionally, the `add_header` line is a no-op after `return` — either use `default_type application/json` first, or remove the add_header.