a year ago
I have a service in railway mapped to a custom public subdomain - https://<subdomain>.<domain>. I'm running nginx in EC2 as a reverse proxy available at https://proxy.<domain> and a location mapping that routes traffic to my railway service using the public subdomain.I tested my proxy and I'm able to see the default nginx page.I'm able to hit my railway service using the public subdomain but I'm not able to resolve using the proxy's address. The reverse proxy does seem to route me to railway but I see a "The train has not arrived at the station" page from railway.I'm guessing I'm missing something in my nginx config to play nicely with Railway's internal routing.Here's the location block from my nginx configuration, the rest of the configuration is fairly standard for SSL and HTTP redirect to HTTPS (included in the server block for proxy.<domain>)
location /health {
proxy_pass https://<subdomain>.<domain>/health;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}By the way I'm doing all this because I need a static IP for ingress traffic for my services and I don't think railway supports that but if there's a better alternative, I'd love to learn!
TIA
9 Replies
a year ago
Is NGINX a hard requirement for you? it's really not ideal for proxying to hosts with dynamic IPs that do host based routing.
a year ago
nope, just need (ideally a single) static IP for an API proxy for a few services (that inherently won’t have static IPs)
I could use caddy or open to a completely different architecture that satisfies the static IP requirement
a year ago
Here is a Caddyfile that works to proxy to a Railway services public domain -
# global options
{
admin off # theres no need for the admin api in railway's environment
persist_config off # storage isn't persistent anyway
auto_https off # railway handles https for us, this could in some cases cause issues if left enabled
# runtime logs
log {
format json # set runtime log format to json mode
}
# server options
servers {
trusted_proxies static private_ranges # trust railway's proxy
}
}
# site block, listens on the $PORT environment variable, automatically assigned by railway
:{$PORT} {
# access logs
log {
format json # set access log format to json mode
}
reverse_proxy /health https://<subdomain>.<domain> {
header_up Host {upstream_hostport}
}
}Status changed to Solved railway[bot] • 12 months ago
a year ago
Appreciate the help so far. I don't think I fully understand the suggestion. Would I run caddy in railway and continue to use nginx on my EC2 instance as the API / reverse proxy with a static IP?
a year ago
Got it lemme give that a shot. The caddyfile you provided has references to {$PORT} and some railway related stuff that I won't have access to in my EC2 instance so wasn't sure how it all came together.I'll use caddy instead of Nginx on the EC2 instance and see if the EC2 -> railway routing works
a year ago
{$PORT} is just an environment variable that you can set in your environment, or hard-code it in the Caddyfile if that's more you're thing, that's not specifically Railway related and nothing else is either so I'm not sure what you mean by that?
a year ago
I realized the Caddyfile is from your example repo and the comments in the caddyfile make sense in that context. Anyways I was able to grab the hints from your Caddyfile and got it to work. Thank you!