fix: off query internal url (#352)

fix for off to really use off-query.

docs/nginx-reverse-proxy.md

@@ -12,6 +12,13 @@ It as a specific network configurations with two ethernet address:
 
 **Important**: only the public ip should have a gateway [^proxmox_multiple_gateway]
 
+## Never call an internal service using reverse proxy
+
+**Important**: Because of above limitation [^proxmox_multiple_gateway],
+if a service use another service which is on the same proxmox cluster,
+it should use it's internal address and not the public / reverse proxy address,
+otherwise packets routing will be broken, and request will never land.
+
 
 [^proxmox_multiple_gateway]: The default proxmox interface does not offer options to indicate which gateway should be the default gateway, and the public ip needs to have its gateway as the default one, and there is no trivial way to achieve this reliably and elegantly, thus the best solution is to have only one gateway. See also [ovh reverse proxy incident of 2022-02-18](./reports/2022-02-18-ovh-reverse-proxy-down.md)
 

docs/reports/2024-04-12-install-off-query-off1.md

@@ -239,6 +239,20 @@ nginx -t
 systemctl reload nginx
 ```
 
+## IMPORTANT POST Install fix
+
+Open Food Facts Produc Opener instance was using off-query public address to access the service.
+But due to a limitation on routing in proxmox,
+[we can't access services hosted on same proxmox cluster using the off2 reverse proxy](../nginx-reverse-proxy.md#never-call-an-internal-service-using-reverse-proxy).
+
+So in fact Product Opener was expecting a response that did not came, until timeout.
+This had the bad side effect of monopolizing workers…
+
+The fix was to change in Config2.pm,
+`$query_url="https://query.openfoodfacts.org";`
+to `$query_url = "http://10.1.0.115:5511";`
+
+
 ## Removing old install
 
 After moving, I did a `docker compose down` on the container VM where the old install was.