Erich Blume
4bbe4e7c20
Three changes to eliminate 502s during proxy deploys: 1. Start nginx after Tailscale connects (not before) so MagicDNS is always available when the first request arrives. This is the community-recommended pattern for Tailscale sidecars on Fly.io. 2. Switch deploy strategy to bluegreen — the old machine keeps serving traffic until the new one passes health checks, then Fly.io cuts over. Rolling deploys with a single machine always cause downtime. 3. Replace top-level [checks] with [[http_service.checks]]. Top-level checks only monitor; they don't gate traffic routing. Service-level checks tell the Fly Proxy to hold traffic until the app is ready. The sentinel file (/tmp/tailscale-ready) and nginx if-check are removed since nginx no longer starts before Tailscale. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
21 lines
334 B
TOML
21 lines
334 B
TOML
app = "blumeops-proxy"
|
|
primary_region = "sjc"
|
|
|
|
[build]
|
|
|
|
[deploy]
|
|
strategy = "bluegreen"
|
|
|
|
[http_service]
|
|
internal_port = 8080
|
|
force_https = true
|
|
auto_stop_machines = "off"
|
|
auto_start_machines = true
|
|
min_machines_running = 1
|
|
|
|
[[http_service.checks]]
|
|
grace_period = "15s"
|
|
interval = "10s"
|
|
method = "GET"
|
|
path = "/healthz"
|
|
timeout = "5s"
|