Railway Networking issues
Hi! This is a bit broad as we're still debugging this, but we've been noticing that certain webhook events don't make it to our servers. This is really bad, since we don't really get an error when that happens (since they don't make it to the server!i )
We can also see that some requests fail because the TLS fails, e.g.
request to https://api.stability.ai/v1/generation/stable-diffusion-xl-1024-v1-0/text-to-image failed, reason: Client network socket disconnected before secure TLS connection was established
From our research, this means something may be still wrong with the proxy. Any ideas what we can do? Should we look into cloudflare?
And yes, we do sleep 3s before we start the services...27 Replies
Project ID:
900023fc-eb3b-4c5e-b8bf-83d6fcb5a72f900023fc-eb3b-4c5e-b8bf-83d6fcb5a72f
cc @unstoppablerizz
webhook events, not railway project webhooks I assume?
proxy error, totally possible to be an overzealous filter rule, railway now has an official cloudflare tunnel service you could look into using, this would bypass railways proxy entirely.
Yes that's correct
did you want to give the cloudflare tunnel a try?
Any guide to how to fill this out?
A bit confused - I'm guessing our public domain should go in the public hostname
But not sure about service
@Unsmart Saw that you set up tunnels - could you potentially quickly go over your set up if you don't mind
I was planning on putting together a guide on this and adding it to the templates overview, but I have yet to buy a domain so I can play around in cloudflare (I own only one domain and it's my personal domain)
but I would assume you would want to use the private address and port there
This?
oh no, sorry, im talking about your railway service's private domain and port
Oh
just a guess though, havent played around with this yet
This right
http://<private domain>:<private port>Yup exactly what Brody said.
http://<service>.railway.internal:<port> 😄hm why the port? or do you mean 80 for http
I don't exactly know how that private networking is done so
the replica's run on the same port, and its an internal network so a port is needed in the address
hmmm how can we figure out the port?
you can think of the internal network as just computers on the same local network, but with helpful domains
well what port does your app listen on internally?
the env PORT - I thought railway injects this dynamically
I guess we can define it in the env and it should work. Wasn't clear if it was necessary
That's what I was asking
yeah, its good you are listening on the dynamically assigned PORT, keep doing that, but now also set a static PORT service variable too
and the static port you set, is the port you want to use in this address format
ok
If you want something for this here's some steps I can give.
New + Template: Cloudflare Tunnel
Go to https://one.dash.cloudflare.com/?to=/:account/networks/tunnels
Create a tunnel
Connector: Cloudflared
Enter in a name for your tunnel
Press copy on the
run the following command and extract the token which is the long string at the end of the command
Back on railway paste the token
Save config + Deploy
Back on cloudflare wait for the connector to show up at the bottom
Once it appears go to the next page.
Enter in the subdomain/domain/path you want the service on.
For the service, select the connection type, and in the url enter in the private networking url for the railway service you want to connect to along with the port
Save the tunnel :Peepo_Rocket:Cloudflare One
Cloudflare One replaces legacy security perimeters with our global edge, making the Internet faster and safer for teams around the world.
thats a perfect jumping off point, thank you so much!