I’m running a Debian Dockerfile on Flyio and getting two errors that have been tough to solve.
peerapi: failed to do peerAPI listen, harmless (netstack available) but error was: listen tcp6 [fd7a:115c:a1e0:efe3::644e:5bc7]:0: bind: cannot assign requested address
I know Flyio supports ipv6 and Debian as well so I’m not sure what’s going on here or even really how to debug this.
health("router"): error: setting up filter/ts-input: running [/usr/sbin/iptables -t filter -N ts-input --wait]: exit status 4: iptables v1.8.7 (nf_tables): Could not fetch rule set generation id: Invalid argument
I’ve tried nftables and some other variations but could not get this to work (I think iptables actually does use nftables under the hood now though).
The Dockerfile looks like this:
FROM bitnami/minideb:bullseye as tailscale
ENV TSFILE=tailscale_1.36.2_amd64.tgz
WORKDIR /app
RUN install_packages wget ca-certificates
RUN wget https://pkgs.tailscale.com/stable/${TSFILE} && \
tar xzf ${TSFILE} --strip-components=1
FROM bitnami/minideb:bullseye
# Maybe missing some package here?
RUN install_packages ca-certificates iptables iproute2
COPY --from=tailscale /app/tailscaled /app/tailscaled
COPY --from=tailscale /app/tailscale /app/tailscale
ENTRYPOINT ["/start.sh"]
And the entrypoint looks like this:
/app/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/var/run/tailscale/tailscaled.sock &
until /app/tailscale up --authkey=${TS_AUTHKEY} --hostname=fly-app
do
sleep 0.1
done
I’m also running Caddy with this set up but I’ve removed those parts from the Dockerfile and entrypoint to keep things relevant to Tailscale.
Any help is much appreciated.