I have some HTTP requests I need to run from my local machine against a private service already deployed as a fly application. I’d like to do this completely in userland without needing to “install” a wireguard client on my local machine.
I know that ssh tunneling seems to work this way but is there a way to proxy other traffic to a TCP service other than SSH?
That is definitely a problem. The internal network won’t route traffic to IPv4 only services. It should be a simple fix for graph-node to listen on both ipv4 and ipv6, though. I bet they’d accept a PR!
Once I get things working I’ll figure out what sort of PR might make sense to file with the graph-node project.
I also ended up using docker compose to create a sort of “tunneled” environment to run the container within locally. It requires a bit of acrobatics to make it work, but I think it’s the simplest approach, all things considered.
For each service on fly I want to connect to, I run an additional service in docker-compose.yml. I also use the --exit-code-from option on docker compose up, which tears everything down cleanly after my ephemeral container finishes executing.
This approach would be even cleaner if flyctl proxy accepted a --bind argument that let me bind it to something other than 127.0.0.1. (In this specific setting I would prefer 0.0.0.0.)