Running AdGuardHome on Fly.io

How can I run AdGuardHome on Fly.io?
The guide to run AdGuardHome on Docker is available at Docker · AdguardTeam/AdGuardHome Wiki · GitHub

My current Dockerfile is:

FROM adguard/adguardhome:latest as base

EXPOSE 80 10443/tcp 10443/udp 10853/tcp 10853/udp 6060

RUN mkdir -p /opt/adguardhome/conf && \
    mkdir -p /opt/adguardhome/work && \
    mkdir -p /certificate

COPY certificate /certificate

COPY AdGuardHome.yaml /opt/adguardhome/conf/AdGuardHome.yaml

My fly.toml is:

# ...
[build]

[[services]]
  internal_port = 80
  protocol = "tcp"
  auto_stop_machines = true
  auto_start_machines = true
  min_machines_running = 0
  [[services.ports]]
    handlers = ["tls", "http"]
    port = 5000

[[services]]
  internal_port = 10443
  protocol = "tcp"
  [[services.ports]]
    handlers = ["tls", "http"]
    port = 443

[[services]]
  internal_port = 10443
  protocol = "udp"
  [[services.ports]]
    port = 443

[[services]]
  internal_port = 10853
  protocol = "tcp"
  [[services.ports]]
    handlers = ["tls"]
    port = 853

[[services]]
  internal_port = 10853
  protocol = "udp"
  [[services.ports]]
    port = 853

[[vm]]
  cpu_kind = "shared"
  cpus = 1
  memory_mb = 256

What problem are you running into?

The Web-UI is working fine on port 5000. ✓

My problem is that the https endpoint /dns-query is not working.
Example:

# Working example using Google DNS
curl --doh-url https://dns.google/dns-query https://github.com/404

# Failling when I tried to run on my app
# I prefer to not public share the real app URL
curl --doh-url https://example.fly.dev/dns-query https://github.com/404
# curl: (6) Couldn't resolve host name

# Using DIG also does not work
dig @example.fly.dev +https github.com

[SOLVED]

I had to remove the handlers from services.ports. So, I am able to use my own certificate.
Also, the UDP ports need to be the same for external and internal (Running Fly Apps On UDP and TCP · Fly Docs)

Final Dockerfile:

FROM adguard/adguardhome:latest as base

EXPOSE 80 443/tcp 443/udp 853/tcp 853/udp

RUN mkdir -p /opt/adguardhome/conf && \
    mkdir -p /opt/adguardhome/work && \
    mkdir -p /certificate

COPY certificate /certificate

COPY AdGuardHome.yaml /opt/adguardhome/conf/AdGuardHome.yaml

Final fly.toml:

[build]

[[services]]
  internal_port = 80
  protocol = "tcp"
  auto_stop_machines = true
  auto_start_machines = true
  min_machines_running = 0
  [[services.ports]]
    handlers = ["tls", "http"]
    port = 5000

[[services]]
  internal_port = 443
  protocol = "tcp"
  [[services.ports]]
    port = 443

[[services]]
  internal_port = 443
  protocol = "udp"
  [[services.ports]]
    port = 443

[[services]]
  internal_port = 853
  protocol = "tcp"
  [[services.ports]]
    port = 853

[[services]]
  internal_port = 853
  protocol = "udp"
  [[services.ports]]
    port = 853

[[vm]]
  cpu_kind = "shared"
  cpus = 1
  memory_mb = 256