-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathfly.toml
More file actions
60 lines (48 loc) · 1.42 KB
/
fly.toml
File metadata and controls
60 lines (48 loc) · 1.42 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
# fly.toml — dnsink public deployment
# Public DNS proxy: UDP + TCP on :53, Prometheus /metrics on :9090.
# Image is pulled from ghcr.io on each `flyctl deploy`.
app = "dnsink"
primary_region = "bom"
[build]
dockerfile = "Dockerfile"
# DNS over UDP — fly.io does not rewrite UDP ports, so external must
# equal internal. Using 5353 since distroless:nonroot can't bind :53
# without NET_BIND_SERVICE. Clients use: dig @dnsink.fly.dev -p 5353 …
[[services]]
protocol = "udp"
internal_port = 5353
[[services.ports]]
port = 5353
# DNS over TCP — fly CAN rewrite TCP ports, so we keep the external
# DNS-standard :53. Internal still 5353 to match the container bind.
[[services]]
protocol = "tcp"
internal_port = 5353
[[services.ports]]
port = 53
# Prometheus /metrics — reachable at:
# https://dnsink.fly.dev/metrics (TLS-terminated by fly-proxy)
# http://dnsink.fly.dev/metrics (redirects to HTTPS)
# http://dnsink.fly.dev:9090/metrics (plain HTTP, scraper-friendly)
[[services]]
protocol = "tcp"
internal_port = 9090
[[services.ports]]
port = 443
handlers = ["tls", "http"]
[[services.ports]]
port = 80
handlers = ["http"]
force_https = true
[[services.ports]]
port = 9090
handlers = ["http"]
[[services.http_checks]]
interval = "15s"
timeout = "2s"
method = "GET"
path = "/metrics"
[[vm]]
cpu_kind = "shared"
cpus = 1
memory_mb = 512