Accessing private app from another app

Questions / Help
1

Hello so I have a backend api which I only want to expose to another app. So this backend only has a private ipv6 address. I created a wireguard tunnel and I am able to ping6 the app-name.internal but I am unable to curl my api. My toml file for my backend looks like this.

# fly.toml app configuration file generated for chatdataroots-backend on 2024-06-04T08:38:22+02:00
#
# See https://fly.io/docs/reference/configuration/ for information about how to use this file.
#

app = 'chatdataroots-backend'
primary_region = 'ams'

[build]
  dockerfile = 'backend.Dockerfile'

[[vm]]
  memory = '1gb'
  cpu_kind = 'shared'
  cpus = 1

When I fly ssh console and do curl -I http://0.0.0.0:5328 I get a response from my API.
But when Im connected with wireguard on my local pc and try to curl this app I never get anything. I tried curl -I http://chatdataroots-backend.internal and curl -I http://chatdataroots-backend.internal:5328 and also curl -I http://0.0.0.0:5328 but i always get curl: (7) Failed to connect to .... Couldn't connect to server
All help is greatly appreciated!

2

Are you binding to fly-local-6pn? Some docs on this here: Private Networking · Fly Docs

3

Hey yes I was reading some other posts and saw that binding should fix this but Im a bit clueless on how to correctly bind. Do i need to change the ipv6 address in my /etc/hosts next to fly-local-6pn to ::? or how should i correctly bind this? Thanks again!

4

How are you running the webserver in the chatdataroots-backend app? This is where you would specify the bind address.

1 Like
5

CMD [“rye”, “run”, “fastapi_api”] its running like this where the fastapi_api is actually this script
fastapi_api = [“uvicorn”, “src.genai_template.app:app”, “–reload”, “–port”, “5328”, “–host”, “0.0.0.0”]
So the 0.0.0.0 should become :: ?

6

It works thanks!!

7

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.