Can't deploy with wireguard over wireguard

In hindsight this should be an obvious source of issues, but when I try to fly deploy while being connected to another Wireguard tunnel, fly deploy ends up just hanging after --> Pushing image done.

Are you saying the build is hanging when you push an app for “org A” while connected to a wireguard tunnel for “org B”? What version of flyctl are you running?

I’m running a wireguard tunnel that’s unrelated to fly.io. I actually need to adjust MTU on my networks because of this, and I’m assuming this is also what’s interfering with fly deployments.

If you get to the “Pushing image done” line, you’re past the steps that use wireguard. If this happens repeatedly, will you run LOG_LEVEL=debug fly deploy and copy the last few lines of output?

There are no further logs printed, even with debug logs, after

==> Pushing image to fly
The push refers to repository [xxxx]
21762d9d8a68: Layer already exists 
deployment-1629578469: digest: sha256:46147be8e9dc94a42c0bd6d5dc3d8ed4938b4d6938c0211a079b361145a5c42b size: 528
--> Pushing image done

When I switch to a network without wg, the deployment passes successfully.

May be relevant:

% fly version
fly v0.0.233 darwin/arm64 Commit: c7d3f52 BuildDate: 2021-08-19T16:22:27Z

Wow it just hangs after Pushing image done? I’d expect to see an API request there.

This sounds like it might be a DNS issue looking up api.fly.io. I get weird DNS problems when I have wireguard connections in strange states.

Is there something special flyctl does to do DNS lookup? My regular DNS resolver is working fine for everything else, but of course I can’t rule this out.

No, not for api.fly.io. That just uses system DNS. We’re working on getting more debug logs in so we can get an idea what happens after Pushing image done.