Im also getting 502 error on request from nginx reverse proxy to the .internal hostname of the server above
I also get this in my fly deploy logs, my code is explicitly running on 0.0.0.0 port 3000
WARNING The app is not listening on the expected address and will not be reachable by fly-proxy.
You can fix this by configuring your app to listen on the following addresses:
0.0.0.0:3000
Found these processes inside the machine with open listening sockets:
PROCESS | ADDRESSES
-----------------*---------------------------------------
/.fly/hallpass | [fdaa:1:951d:a7b:2da:50e0:67fb:2]:22
Cleared lease for 185e276f454e98
Checking DNS configuration for firstgate-backend.fly.dev
WARN DNS checks failed: read udp 10.24.18.174:57416->8.8.8.8:53: i/o timeout
Oh, so only .internal is problematic. Iâve missed that part.
Can you try to run curl -v http://firstgate-backend.internal/api from the machine that runs the proxy? This should say more about actual connectivity inside your appâs network.
Nginx writes logs about specific problems with upstream connections to a separate errors.log, if you can find it that could also help.
(BTW nginx, unless you are using the commercial subscription, has a serious flaw: it will only resolve upstream server names on restart. See the documentation for the resolve parameter)
That âConnection refusedâ seems off, like your app is not listening on that IPv6 address?
Running ss -nlp | grep 3000 on the appâs machine should show how the ports are actually bound. You want to see something listening on [::]:3000 (for IPv6) or *:3000 (for both IPv4 and v6).