#Railway Tailscale Internal Communication

Hey, I setup a own docker image which includes Uptime Kuma and Tailscale.

Almost everything works, it connects to tailscale and everything, but I have the following issue:

I can connect from devices in the Tailscale network to railway.
But cannot connect from railway to devices in the Tailscale network.

E.g. I can ping the railway container from my server, but cannot ping my server from the railway container

Does anyone have an idea how I could fix that?

Dockerfile

# Use the Uptime Kuma base image
FROM louislam/uptime-kuma:latest

# Install necessary dependencies for Tailscale
RUN apt-get update && \
    apt-get install -y curl iproute2 iptables && \
    apt-get clean && rm -rf /var/lib/apt/lists/*

# Download and install Tailscale
RUN curl -fsSL https://tailscale.com/install.sh | sh

# Expose Uptime Kuma port
EXPOSE 3001

# Copy entrypoint script
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh

# Set entrypoint
ENTRYPOINT ["/entrypoint.sh"]

entrypoint.sh

#!/bin/bash

# Start Tailscale with userspace networking and proxy settings
/usr/sbin/tailscaled --state=/var/lib/tailscale/tailscaled.state --socket=/var/run/tailscale/tailscaled.sock --tun=userspace-networking --socks5-server=localhost:1055 --outbound-http-proxy-listen=localhost:1055 &
until /usr/bin/tailscale up --authkey=${TAILSCALE_AUTHKEY} --hostname=${TAILSCALE_HOSTNAME}
do
    sleep 0.1
done

# Start Uptime Kuma
node server/server.js

I don't have any ideas, but I am very curious to know the use case for this?

I want to monitor stuff on my server like the Database which I dont wanna expose to the public, and as I already use tailscale to connect to the database from other Servers in my network, I thought about also monitoring via this.

if you already have the knowhow to run databases on your own hardware, why not run kuma there too?

And to avoid my status page going down when everything goes down, I wanna host it externally.

okay gotcha

Yep.

Because I had stuff going down lately and then I only receive the notifications when everythings back up.

what exactly are the errors you are getting when trying to have kuma ping the stuff you are running on your own hardware?

On my hardware I have no problems.

I just cannot Ping, http request, etc to my hardware from railway.

https://pixelvault.co/clz6b040t002k6qiwrn4wwn4a

you said you can't have kuma on railway ping the stuff you run on your hardware, what specifically are the errors though

Oh yea

These

can you send that as a regular image please

Here.

The ip is a valid tailscale ip.

not the most helpful error message, I think you might find the help you need in some kind of tailscale community if one exists?

idk, the best place to ask would be here I assumed.

this pertains far more to tailscale than railway tbh

Hm

Okay. Just one more thing.

Could it be that the railway and tailscale networks are interfering?

As I saw the 100.x IP range in the logs of railway.

your container does not have a 100x IP, so that would be tailscale

Hm weird. because I dont have any 100.64.x ip in my Tailscale network.

would that not be tailscale itself

Uhm idk

I mean the railway ip of the container is 100.83.185.48

Mine is 100.121.149.44

So yea.

I'm looking at it right now and the container ips are 10.x

Hm weird.

interface name: railnet0
├─ flags: up, broadcast, multicast
├─ ipv4 address: 10.250.10.122
├─ ipv6 addresses: fd12:74d7:7e85::a4:ee15:a937, fe80::a0aa:eeff:fe15:a937
└─ hardware address: a2:aa:ee:15:a9:37

Weird.

likely some small misconfiguration with tailscale, do they have a forum or community you can ask?

Yes they have a forum.

Ig I'm gonna ask there then.

perfect, let me know how that goes and if you need any railway specific information you can ask me

👍

http://100.83.185.48:60582/
One last quick thing.
It must have some sort of connection. As it knows my tailscale IP, plus my tailscale hostname.

Btw can I somehow ssh into the container?
To make debugging easier?

railway does not provide that