Ensuring My Server Live Checks Don't Break With My Weird Set Up

Use Case: I have a reverse proxy that needs to block all URL’s except those on a whitelist.

Problem: This blocks the Live check unless I’m careful

Temp solution: I currently let in all traffic from and that seems to work. But if that gets changed I’m assuming that it will crash my applications.

What should I do to solve this? Is there a certain IP range I can always expect? Or did I completely miss something and none of this makes sense?

That IP address will change, yes.

The best way to do these health check is only respond on a specific hostname, and then configure the check to send that hostname. We have an nginx config that listens for health.check like this:

    server {
        listen 8080;
        listen [::]:8080;
        server_name health.check;

        location /healthz {
            access_log off;
            return 200 "ok: healthz";

And then the corresponding fly.toml has:

    interval = 3000
    method = "get"
    path = "/healthz"
    protocol = "http"
    timeout = 1000
      Host = "health.check

You can also use a script check if you’d prefer, just add a script to your app and configure it like this:

  interval = 2000
  timeout = 1000
  command = "/usr/bin/check-master.sh"

This has to return an exit code of 2 to fail, 0 to succeed.

Thanks for writing that out @kurt Good to know on the health script too.

1 Like