Outbound IP Address

Interested to see if there is any plans to enable using the IP addresses assigned to an app as the outbound IP’s if those apps need to make requests to external network services.

My use case is to connect into an external DB, which has firewall requirements limiting external IP’s that can connect to it.

I think I might have answered my own question from another post…

If we add a peer on a server behind the firewall with access to the db server and setup a tunnel, it sounds like we can use the tunnel in reverse from within the instance in fly…

Will give that a test and see how we go.

1 Like

Yes that’s the best way to do it! We don’t have stable outbound IPs yet, so IP restrictions are a no go. They’re also pretty brittle and doing wireguard peers is a much better answer for talking to private services.

This is also what I was hoping to do. I have a database hosted in Azure. I can easily assign IPs to whitelist but not if they change regularly. And deploying GO code in Azure is annoying.

We’ll automate this someday, but it’s reasonably simple to create a wireguard server on an Ubuntu instance and connect your app through that to your DB.

https://fly.io/docs/reference/privatenetwork/#private-network-vpn