N/A

I'm just asking this because apparently I'm getting quite a lot of egress.

I'm not sure if this is a result of Caddy (yes I run Caddy that proxies a certain file folder as a static webserver to the public network) having a random weird egress.

Echo is stdlib, so the following code should suffice to listen on IPv6.

port := cmp.Or(os.Getenv("PORT"), "8080")

app.Start((":" + port))

@RyanKnack - for visibility

Wouldn't this also bind to the public network? Because this one service has both private and public networking enabled.

The private should only be for the echo API and the public is for the Caddy API

yes, if you don't want to expose the app then don't add a domain to it

Oh so what you mean is I can just onit the hostname, but proxy the requests through the service settings network instead?

And then in a separate service I can call it even it without being binded to the private network?

I think I'm missing some much needed context here

Ok

There are 2 services, service A and service B

Service A makes a fetch request to service B, through the private network to reach service B's echo API (through port 80).

Service B has the echo API, which should ONLY be exposed to the private network (so service A can communicate with service B). Service B also has a Caddy static server that I expose to the public network (through the service settings through port 8081)

I want to know if the above, https://discord.com/channels/713503345364697088/1293340927024173181/1293340927024173181, is the correct way to do it

in this story, the code you showed above, what service is it in?

Go code is in service B, nodeJS fetch code in service A

does service B need to be connected to over the public network?

Yes, but only through port 8081 for the Caddy server

it's a go app, how is it also caddy?

I run two simultaneous scripts

Like go run server.go & caddy run

why aren't those broken out into two railway services?

I needed to store temporary files in the ephemeral disk, because I couldn't share volumes across services

alright fair enough

alright then if you don't want the go app to be publicly exposed, simply don't publicly expose it

assuming this is valid, this is what you want to use

So without adding the host it will be private?

And still reachable by service A?

correct

Aight awesome I'll try it out later

sounds good

Ok I've done that and now the app bounds itself to both the private and public network. If I'm not mistaken all I have to do is just to not add a route from the service settings to the public port right?

correct

So with the egress issue as long as I call the endpoint http://private-service.railway.internal all happenings will happen over the private network despite the Go webserver bounded by both, so not incurring egress costs?

you need to use the port too, but yes

Oh I thought http defaults to port 80 so I didn't have to <:kekw:788259314607325204>

it does, but it's best to not listen on a privileged port