8 months ago
I've installed Elasticsearch/Kibana, and I'd like to add a basic auth proxy in front of Kibana so that the UI is not public.
I'm using this container (railway-public-to-private-proxy) to point to Kibana's private domain, but I am getting a 502 error when I attempt to hit the public route exposed by caddy.
The env vars on my basic auth service are:
PROXY_HOST="${{Kibana.RAILWAY_PRIVATE_DOMAIN}}"
PROXY_PORT="${{Kibana.PORT}}"
I have not turned off the public domain on Kibana yet, but I intend to after getting this proxy working. Accessing the Kibana public domain works as expected.
Am I missing something in setting up this reverse proxy?
5 Replies
8 months ago
The image you are using does not provide basic auth, but this one does - https://github.com/brody192/railway-caddy-basic-auth/pkgs/container/railway-caddy-basic-auth
See its readme for the needed variables.
But for the actual issue, from your deploy logs of the proxy service -
dial tcp [fd12:9bff:1ee5::21:cf5b:ac34]:5601: connect: connection refused
This likely means that the Kibana web UI is not listening on IPv6; if it's not, it will fail like this, since the private network is IPv6 only.
8 months ago
Thank you, brody! I was aware that the caddy image I'm using doesn't provide basic auth, but I was trying to get to the heart of the proxy issue first before proceeding to that next step. I wasn't aware of IPv6 being a requirement, so that is helpful. I appreciate your insight!
8 months ago
FWIW, it looks like Kibana may not support IPv6. I tried changing the image's SERVER_HOST environment variable from "0.0.0.0" to "::/0", and that resulted in a deploy error.
FATAL Error: [config validation of [server].host]: value must be a valid hostname (see RFC 1123).
I may have to forgo using Kibana for now, or just figure out another option for accessing it securely.
8 months ago
Success! I set SERVER_HOST to ::, and both Kibana deployed successfully, and my proxy now works! Thank you so much!
8 months ago
No problem, now you should be able to swap out that image for the one with auth and update your variables.
Status changed to Solved brody • 8 months ago
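The failure diagnosed in this thread, as an added example that is not part of the original posts or of any project mentioned in them: it parses the proxy's dial error and checks whether the upstream's bind host can accept that address family. The function names and result labels are hypothetical, the validation uses Python's `ipaddress` module rather than Kibana's own config validator, and treating `::` as dual-stack is an assumption about the host's socket defaults.

```python
import ipaddress
import re

# Constructed sample input: the proxy log line quoted in the thread.
SAMPLE_LOG = "dial tcp [fd12:9bff:1ee5::21:cf5b:ac34]:5601: connect: connection refused"

# Go's dialer brackets IPv6 literals and leaves IPv4 literals bare.
DIAL_RE = re.compile(
    r"dial tcp (?:\[(?P<v6>[^\]]+)\]|(?P<v4>\d+(?:\.\d+){3})):(?P<port>\d+): "
    r"connect: (?P<reason>.+)$"
)

def parse_dial_error(line):
    """Return (ip_address, port, reason) from a dial error line, or None."""
    m = DIAL_RE.search(line)
    if m is None:
        return None
    addr = ipaddress.ip_address(m["v6"] or m["v4"])
    return addr, int(m["port"]), m["reason"].strip()

def bind_families(host):
    """IP versions a listener bound to `host` accepts; ValueError if not an IP literal."""
    addr = ipaddress.ip_address(host)  # rejects CIDR such as "::/0" and hostnames
    if addr.version == 4:
        return {4}                     # "0.0.0.0" never accepts IPv6 peers
    if addr.is_unspecified:
        return {4, 6}                  # assumption: "::" is dual-stack (IPV6_V6ONLY off)
    return {6}

def diagnose(log_line, bind_host):
    """Classify a failed dial against the upstream's configured bind host."""
    parsed = parse_dial_error(log_line)
    if parsed is None:
        return "unparsed"
    addr, _port, _reason = parsed
    try:
        families = bind_families(bind_host)
    except ValueError:
        return "bind-host-not-ip-literal"
    if addr.version not in families:
        return "family-mismatch"       # e.g. IPv6 dial to an IPv4-only listener
    return "family-ok"

if __name__ == "__main__":
    # The three SERVER_HOST values tried in the thread.
    for host in ("0.0.0.0", "::/0", "::"):
        print(f"SERVER_HOST={host!r}: {diagnose(SAMPLE_LOG, host)}")
```
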