Dokku's GitHub action doesn't seem to properly connect to the host with Tailscale involved #96
Description
Description of problem
I'm trying to use Tailscale's GitHub action to connect to my Dokku host which has Tailscale installed. Ran into multiple issues (failed hostname resolution, then a "missing command" when using the node's IP address given to me by Tailscale directly) and can't get it work.
How reproducible
Very
Steps to Reproduce
- Add a Tailscale setup step to your GitHub actions yml:
- name: Set up Tailscale
uses: tailscale/github-action@v3
with:
oauth-client-id: ${{ secrets.TAILSCALE_OAUTH_CLIENT_ID }}
oauth-secret: ${{ secrets.TAILSCALE_OAUTH_SECRET }}
tags: tag:ci
- Add a Dokku deploy step to your GitHub actions yml after your build step:
- name: Deploy API
uses: dokku/github-action@v1.6.1
with:
ssh_private_key: ${{ secrets.SSH_PRIVATE_KEY }}
git_remote_url: ssh://dokku@${{ env.DOKKU_HOST }}:22/${{ github.repository }}-api
deploy_docker_image: ghcr.io/${{ github.repository }}-api:${{ github.sha }}
trace: 1
- Observe the results below instead of the deploy succeeding
Actual Results
I first tried using the MagicDNS hostname as my $DOKKU_HOST:
Run dokku/github-action@v1.6.1
/usr/bin/docker run --name ca4b537bdd7a4a72ad8b1ba7c905fd62_927fa5 --label 623329 --workdir /github/workspace --rm -e "DOKKU_HOST" -e "INPUT_SSH_PRIVATE_KEY" -e "INPUT_GIT_REMOTE_URL" -e "INPUT_DEPLOY_DOCKER_IMAGE" -e "INPUT_TRACE" -e "INPUT_BRANCH" -e "INPUT_CI_BRANCH_NAME" -e "INPUT_CI_COMMIT" -e "INPUT_COMMAND" -e "INPUT_DEPLOY_USER_NAME" -e "INPUT_DEPLOY_USER_EMAIL" -e "INPUT_GIT_PUSH_FLAGS" -e "INPUT_REVIEW_APP_NAME" -e "INPUT_SSH_HOST_KEY" -e "INPUT_SSH_PASSPHRASE" -e "BRANCH" -e "CI_BRANCH_NAME" -e "CI_COMMIT" -e "COMMAND" -e "DEPLOY_DOCKER_IMAGE" -e "DEPLOY_USER_NAME" -e "DEPLOY_USER_EMAIL" -e "GIT_PUSH_FLAGS" -e "GIT_REMOTE_URL" -e "REVIEW_APP_NAME" -e "SSH_HOST_KEY" -e "SSH_PRIVATE_KEY" -e "SSH_PASSPHRASE" -e "TRACE" -e "HOME" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_REPOSITORY_OWNER_ID" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_REPOSITORY_ID" -e "GITHUB_ACTOR_ID" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKFLOW_REF" -e "GITHUB_WORKFLOW_SHA" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "GITHUB_STATE" -e "GITHUB_OUTPUT" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_ENVIRONMENT" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e "ACTIONS_RESULTS_URL" -e GITHUB_ACTIONS=true -e CI=true --entrypoint "/bin/dokku-deploy" --network github_network_62c7baefff4d43efaa5918eaad246dbc -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/watchdog-backend/watchdog-backend":"/github/workspace" 623329:ca4b537bdd7a4a72ad8b1ba7c905fd62
+ '[' -n ]
+ '[' -n ]
+ '[' -n ]
+ '[' -n ]
+ '[' -n ]
+ '[' -n ]
+ '[' -n ]
+ '[' -n ]
+ '[' -z master ]
+ setup-ssh
+ '[' -n ]
+ '[' -n ]
+ log-info 'Setting up SSH Key'
+ mkdir -p /root/.ssh
Setting up SSH Key
+ echo '***
***
***
***
***
***
***'
+ tr -d '\r'
+ chmod 600 /root/.ssh/id_rsa
+ chmod 700 /root/.ssh
+ '[' '!' -s /root/.ssh/id_rsa ]
+ '[' -n ]
+ parse-ssh-port
+ ssh_port=[22](https://github.com/mockernut-ventures/watchdog-backend/actions/runs/12800321189/job/35687900890#step:17:23)
+ parse-ssh-host
Invalid IP address: redactedmagicdnshostname
+ ssh_host=redactedmagicdnshostname
+ log-info 'Generating SSH_HOST_KEY from ssh-keyscan against redactedmagicdnshostname:22'
Generating SSH_HOST_KEY from ssh-keyscan against redactedmagicdnshostname:22
+ ssh-keyscan -H -p 22 redactedmagicdnshostname
getaddrinfo redactedmagicdnshostname: Try again
getaddrinfo redactedmagicdnshostname: Try again
getaddrinfo redactedmagicdnshostname: Try again
getaddrinfo redactedmagicdnshostname: Try again
getaddrinfo redactedmagicdnshostname: Try again
That didn't work because it seems like whatever tool is being used to resolve the IP address for the hostname doesn't work properly with Tailscale's network.
I also tried the IP address that Tailscale gave me directly, which seemed to work at first but then threw a strange error (/bin/bash: line 1: git:from-image: command not found):
Run dokku/github-action@v1.6.1
/usr/bin/docker run --name cd76f936e16cf5819b425197b49e7717e399b5_ed5875 --label cd76f9 --workdir /github/workspace --rm -e "DOKKU_HOST" -e "INPUT_SSH_PRIVATE_KEY" -e "INPUT_GIT_REMOTE_URL" -e "INPUT_DEPLOY_DOCKER_IMAGE" -e "INPUT_TRACE" -e "INPUT_BRANCH" -e "INPUT_CI_BRANCH_NAME" -e "INPUT_CI_COMMIT" -e "INPUT_COMMAND" -e "INPUT_DEPLOY_USER_NAME" -e "INPUT_DEPLOY_USER_EMAIL" -e "INPUT_GIT_PUSH_FLAGS" -e "INPUT_REVIEW_APP_NAME" -e "INPUT_SSH_HOST_KEY" -e "INPUT_SSH_PASSPHRASE" -e "BRANCH" -e "CI_BRANCH_NAME" -e "CI_COMMIT" -e "COMMAND" -e "DEPLOY_DOCKER_IMAGE" -e "DEPLOY_USER_NAME" -e "DEPLOY_USER_EMAIL" -e "GIT_PUSH_FLAGS" -e "GIT_REMOTE_URL" -e "REVIEW_APP_NAME" -e "SSH_HOST_KEY" -e "SSH_PRIVATE_KEY" -e "SSH_PASSPHRASE" -e "TRACE" -e "HOME" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_REPOSITORY_OWNER_ID" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_REPOSITORY_ID" -e "GITHUB_ACTOR_ID" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKFLOW_REF" -e "GITHUB_WORKFLOW_SHA" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "GITHUB_STATE" -e "GITHUB_OUTPUT" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_ENVIRONMENT" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e "ACTIONS_RESULTS_URL" -e GITHUB_ACTIONS=true -e CI=true --entrypoint "/bin/dokku-deploy" --network github_network_f6ee4ad2d8e848cb96a5dd0f3c[11](https://github.com/mockernut-ventures/watchdog-backend/actions/runs/12800674480/job/35688856403#step:17:12)c89a -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/watchdog-backend/watchdog-backend":"/github/workspace" cd76f9:36e16cf5819b425197b49e7717e399b5
+ '[' -n ]
+ '[' -n ]
+ '[' -n ]
+ '[' -n ]
+ '[' -n ]
+ '[' -n ]
+ '[' -n ]
+ '[' -n ]
+ '[' -z master ]
+ setup-ssh
+ '[' -n ]
+ '[' -n ]
+ log-info 'Setting up SSH Key'
+ mkdir -p /root/.ssh
+ echo '***
***
***
***
***
***
***'
+ tr -d '\r'
+ chmod 600 /root/.ssh/id_rsa
+ chmod 700 /root/.ssh
Setting up SSH Key
+ '[' '!' -s /root/.ssh/id_rsa ]
+ '[' -n ]
+ parse-ssh-port
+ ssh_port=22
+ parse-ssh-host
+ ssh_host=redactedipgoeshere
+ log-info 'Generating SSH_HOST_KEY from ssh-keyscan against redactedipgoeshere:22'
+ ssh-keyscan -H -p 22 redactedipgoeshere
Generating SSH_HOST_KEY from ssh-keyscan against redactedipgoeshere:22
# redactedipgoeshere:22 SSH-2.0-Tailscale
# redactedipgoeshere:22 SSH-2.0-Tailscale
# redactedipgoeshere:22 SSH-2.0-Tailscale
# redactedipgoeshere:22 SSH-2.0-Tailscale
# redactedipgoeshere:22 SSH-2.0-Tailscale
+ chmod 600 /root/.ssh/known_hosts
+ '[' -n ]
+ log-info 'Adding SSH Key to ssh-agent'
Adding SSH Key to ssh-agent
+ ssh-agent -s
+ eval 'SSH_AUTH_SOCK=/tmp/ssh-XXXXXXlOFhAA/agent.19; export SSH_AUTH_SOCK;
SSH_AGENT_PID=20; export SSH_AGENT_PID;
Agent pid 20
echo Agent pid 20;'
+ SSH_AUTH_SOCK=/tmp/ssh-XXXXXXlOFhAA/agent.19
+ export SSH_AUTH_SOCK
+ SSH_AGENT_PID=20
+ export SSH_AGENT_PID
+ echo Agent pid 20
+ ssh-add /root/.ssh/id_rsa
Identity added: /root/.ssh/id_rsa (github-actions-dokku)
+ parse-ci-commit
+ value=
+ '[' -n ]
+ '[' -n ]
+ '[' -n ]
+ '[' -n ]
+ '[' -n ]
+ '[' -n d4080ac4818574fedb3a8aa6f2630f9fb500b65b ]
+ value=d4080ac4818574fedb3a8aa6f2630f9fb500b65b
+ echo d4080ac4818574fedb3a8aa6f2630f9fb500b65b
+ commit_sha=d4080ac4818574fedb3a8aa6f2630f9fb500b65b
+ parse-app-name
+ '[' -n ]
+ echo ssh://dokku@redactedipgoeshere:22/mockernut-ventures/watchdog-backend-api
+ sed -e 's/.*\///'
+ app_name=watchdog-backend-api
+ parse-ssh-host
+ parse-ssh-port
+ ssh_remote=ssh://dokku@redactedipgoeshere:22
+ '[' deploy '=' review-apps:create ]
+ '[' deploy '=' review-apps:destroy ]
+ '[' deploy '=' review-apps:destroy ]
+ '[' -n deploy ]
+ '[' deploy '!=' review-apps:create ]
+ '[' deploy '!=' deploy ]
+ '[' -z d4080ac48[18](https://github.com/mockernut-ventures/watchdog-backend/actions/runs/12800674480/job/35688856403#step:17:19)574fedb3a8aa6f2630f9fb500b65b ]
+ '[' deploy '=' review-apps:create ]
+ is_review_app=false
+ remote_app_name=watchdog-backend-api
+ '[' -n ]
+ git config --global --add safe.directory /github/workspace
+ '[' -f bin/ci-pre-deploy ]
+ '[' -f ci-commit-override ]
+ '[' -n ghcr.io/mockernut-ventures/watchdog-backend-api:d4080ac4818574fedb3a8aa6f2630f9fb500b65b ]
+ log-info 'Deploying image to Dokku Host'
Deploying image to Dokku Host
+ ssh ssh://dokku@100.84.[22](https://github.com/mockernut-ventures/watchdog-backend/actions/runs/12800674480/job/35688856403#step:17:23)7.76:22 -- git:from-image watchdog-backend-api ghcr.io/mockernut-ventures/watchdog-backend-api:d4080ac4818574fedb3a8aa6f[26](https://github.com/mockernut-ventures/watchdog-backend/actions/runs/12800674480/job/35688856403#step:17:27)30f9fb500b65b
/bin/bash: line 1: git:from-image: command not found
Expected Results
Environment Information
dokku report watchdog-backend-api output
-----> uname: Linux ip-REDACTED 6.1.0-30-cloud-arm64 #1 SMP Debian 6.1.124-1 (2025-01-12) aarch64 GNU/Linux
-----> memory:
total used free shared buff/cache available
Mem: 3854 1315 1003 1 1722 2538
Swap: 0 0 0
-----> disk utilization:
Filesystem Size Used Avail Use% Mounted on
/dev/nvme0n1p1 30G 7.6G 21G 27% /
/dev/nvme0n1p15 127M 12M 115M 10% /boot/efi
-----> disk inode utilization:
Filesystem Inodes IUsed IFree IUse% Mounted on
/dev/nvme0n1p1 1.9M 144K 1.8M 8% /
/dev/nvme0n1p15 0 0 0 - /boot/efi
-----> docker version:
Client: Docker Engine - Community
Version: 27.5.0
API version: 1.47
Go version: go1.22.10
Git commit: a187fa5
Built: Mon Jan 13 15:24:48 2025
OS/Arch: linux/arm64
Context: default
Server: Docker Engine - Community
Engine:
Version: 27.5.0
API version: 1.47 (minimum version 1.24)
Go version: go1.22.10
Git commit: 38b84dc
Built: Mon Jan 13 15:24:48 2025
OS/Arch: linux/arm64
Experimental: false
containerd:
Version: 1.7.25
GitCommit: bcc810d6b9066471b0b6fa75f557a15a1cbf31bb
runc:
Version: 1.2.4
GitCommit: v1.2.4-0-g6c52b3f
docker-init:
Version: 0.19.0
GitCommit: de40ad0
-----> docker daemon info:
time="2025-01-16T02:10:49Z" level=debug msg="otel error" error="1 errors occurred detecting resource:\n\t* conflicting Schema URL: https://opentelemetry.io/schemas/1.21.0 and https://opentelemetry.io/schemas/1.26.0"
Client: Docker Engine - Community
Version: 27.5.0
Context: default
Debug Mode: true
Plugins:
buildx: Docker Buildx (Docker Inc.)
Version: v0.19.3
Path: /usr/libexec/docker/cli-plugins/docker-buildx
compose: Docker Compose (Docker Inc.)
Version: v2.32.3
Path: /usr/libexec/docker/cli-plugins/docker-compose
Server:
Containers: 10
Running: 10
Paused: 0
Stopped: 0
Images: 24
Server Version: 27.5.0
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Using metacopy: false
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: systemd
Cgroup Version: 2
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 runc
Default Runtime: runc
Init Binary: docker-init
containerd version: bcc810d6b9066471b0b6fa75f557a15a1cbf31bb
runc version: v1.2.4-0-g6c52b3f
init version: de40ad0
Security Options:
apparmor
seccomp
Profile: builtin
cgroupns
Kernel Version: 6.1.0-30-cloud-arm64
Operating System: Debian GNU/Linux 12 (bookworm)
OSType: linux
Architecture: aarch64
CPUs: 2
Total Memory: 3.764GiB
Name: ip-REDACTED
ID: 6a084ba0-37c7-4a62-9196-d8b34983272d
Docker Root Dir: /var/lib/docker
Debug Mode: false
File Descriptors: 109
Goroutines: 130
System Time: 2025-01-16T02:10:49.222513477Z
EventsListeners: 2
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
-----> herokuish version:
! herokuish not supported on arm64 architecture
-----> dokku version: dokku version 0.35.15
-----> dokku-event-listener version: v0.17.0
-----> dokku-update version: dokku-update v0.9.5
-----> docker-container-healthchecker version: v0.11.3
-----> docker-image-labeler version: v0.8.0
-----> git version: git version 2.39.5
-----> lambda-builder version: v0.8.0
-----> netrc version: v0.10.0
! pack binary is not available
-----> plugn version: plugn: v0.16.0
-----> sigil version: v0.11.0
-----> sshcommand version: sshcommand v0.18.1
-----> dokku plugins:
00_dokku-standard 0.35.15 enabled dokku core standard plugin
20_events 0.35.15 enabled dokku core events logging plugin
app-json 0.35.15 enabled dokku core app-json plugin
apps 0.35.15 enabled dokku core apps plugin
builder 0.35.15 enabled dokku core builder plugin
builder-dockerfile 0.35.15 enabled dokku core builder-dockerfile plugin
builder-herokuish 0.35.15 enabled dokku core builder-herokuish plugin
builder-lambda 0.35.15 enabled dokku core builder-lambda plugin
builder-nixpacks 0.35.15 enabled dokku core builder-nixpacks plugin
builder-null 0.35.15 enabled dokku core builder-null plugin
builder-pack 0.35.15 enabled dokku core builder-pack plugin
buildpacks 0.35.15 enabled dokku core buildpacks plugin
caddy-vhosts 0.35.15 enabled dokku core caddy-vhosts plugin
certs 0.35.15 enabled dokku core certificate management plugin
checks 0.35.15 enabled dokku core checks plugin
common 0.35.15 enabled dokku core common plugin
config 0.35.15 enabled dokku core config plugin
cron 0.35.15 enabled dokku core cron plugin
docker-options 0.35.15 enabled dokku core docker-options plugin
domains 0.35.15 enabled dokku core domains plugin
enter 0.35.15 enabled dokku core enter plugin
git 0.35.15 enabled dokku core git plugin
haproxy-vhosts 0.35.15 enabled dokku core haproxy-vhosts plugin
logs 0.35.15 enabled dokku core logs plugin
network 0.35.15 enabled dokku core network plugin
nginx-vhosts 0.35.15 enabled dokku core nginx-vhosts plugin
openresty-vhosts 0.35.15 enabled dokku core openresty-vhosts plugin
plugin 0.35.15 enabled dokku core plugin plugin
ports 0.35.15 enabled dokku core ports plugin
proxy 0.35.15 enabled dokku core proxy plugin
ps 0.35.15 enabled dokku core ps plugin
registry 0.35.15 enabled dokku core registry plugin
repo 0.35.15 enabled dokku core repo plugin
resource 0.35.15 enabled dokku core resource plugin
run 0.35.15 enabled dokku core run plugin
scheduler 0.35.15 enabled dokku core scheduler plugin
scheduler-docker-local 0.35.15 enabled dokku core scheduler-docker-local plugin
scheduler-k3s 0.35.15 enabled dokku core scheduler-k3s plugin
scheduler-null 0.35.15 enabled dokku core scheduler-null plugin
shell 0.35.15 enabled dokku core shell plugin
ssh-keys 0.35.15 enabled dokku core ssh-keys plugin
storage 0.35.15 enabled dokku core storage plugin
trace 0.35.15 enabled dokku core trace plugin
traefik-vhosts 0.35.15 enabled dokku core traefik-vhosts plugin
=====> watchdog-backend-api app-json information
App json computed selected: app.json
App json global selected: app.json
App json selected:
=====> watchdog-backend-api app information
App created at: 1731760206
App deploy source: docker-image
App deploy source metadata: ghcr.io/mockernut-ventures/watchdog-backend-api:a976eff72d8b13e04c2c491bce82e8b054525f9d
App dir: /home/dokku/watchdog-backend-api
App locked: false
=====> watchdog-backend-api builder information
Builder build dir:
Builder computed build dir:
Builder computed selected:
Builder global build dir:
Builder global selected:
Builder selected:
=====> watchdog-backend-api builder-dockerfile information
Builder dockerfile computed dockerfile path: Dockerfile
Builder dockerfile global dockerfile path: Dockerfile
Builder dockerfile dockerfile path:
=====> watchdog-backend-api builder-herokuish information
Builder herokuish computed allowed: false
Builder herokuish global allowed: false
Builder herokuish allowed:
=====> watchdog-backend-api builder-lambda information
Builder lambda computed lambdayml path: lambda.yml
Builder lambda global lambdayml path: lambda.yml
Builder lambda lambdayml path:
=====> watchdog-backend-api builder-nixpacks information
Builder nixpacks computed nixpackstoml path: nixpacks.toml
Builder nixpacks global nixpackstoml path: nixpacks.toml
Builder nixpacks nixpackstoml path:
Builder nixpacks computed no cache: false
Builder nixpacks global no cache: false
Builder nixpacks no cache:
=====> watchdog-backend-api builder-pack information
Builder pack computed projecttoml path: project.toml
Builder pack global projecttoml path: project.toml
Builder pack projecttoml path:
=====> watchdog-backend-api buildpacks information
Buildpacks computed stack: gliderlabs/herokuish:latest-24
Buildpacks global stack:
Buildpacks list:
Buildpacks stack:
=====> watchdog-backend-api caddy information
Caddy image: lucaslorentz/caddy-docker-proxy:2.9
Caddy letsencrypt email:
Caddy letsencrypt server: https://acme-v02.api.letsencrypt.org/directory
Caddy log level: ERROR
Caddy polling interval: 5s
Caddy tls internal: false
=====> watchdog-backend-api ssl information
Ssl dir: /home/dokku/watchdog-backend-api/tls
Ssl enabled: false
Ssl hostnames:
Ssl expires at:
Ssl issuer:
Ssl starts at:
Ssl subject:
Ssl verified:
=====> watchdog-backend-api checks information
Checks disabled list: none
Checks skipped list: none
Checks computed wait to retire: 60
Checks global wait to retire: 60
Checks wait to retire:
=====> watchdog-backend-api docker options information
Docker options build:
Docker options deploy: --restart=on-failure:10
Docker options run:
=====> watchdog-backend-api domains information
Domains app enabled: true
Domains app vhosts: api.watchdog.chat
Domains global enabled: false
Domains global vhosts:
=====> watchdog-backend-api git information
Git deploy branch: master
Git global deploy branch: master
Git keep git dir: false
Git rev env var: GIT_REV
Git sha: b3ac7d3232c6c25c8d9a39eb56479704f988f309
Git source image: ghcr.io/mockernut-ventures/watchdog-backend-api:a976eff72d8b13e04c2c491bce82e8b054525f9d
Git last updated at: 1736956591
=====> watchdog-backend-api haproxy information
Haproxy image: byjg/easy-haproxy:4.4.0
Haproxy letsencrypt email:
Haproxy letsencrypt server: https://acme-v02.api.letsencrypt.org/directory
Haproxy log level: ERROR
=====> watchdog-backend-api logs information
Logs app label alias:
Logs computed app label alias: com.dokku.app-name
Logs computed max size: 10m
Logs global app label alias: com.dokku.app-name
Logs global max size: 10m
Logs global vector sink:
Logs max size:
Logs vector global image: timberio/vector:0.43.1-debian
Logs vector sink:
=====> watchdog-backend-api network information
Network attach post create:
Network attach post deploy:
Network bind all interfaces: false
Network computed attach post create:
Network computed attach post deploy:
Network computed bind all interfaces: false
Network computed initial network:
Network computed tld:
Network global attach post create:
Network global attach post deploy:
Network global bind all interfaces: false
Network global initial network:
Network global tld:
Network initial network:
Network static web listener:
Network tld:
Network web listeners: 172.17.0.12:5000
=====> watchdog-backend-api nginx information
Nginx access log format:
Nginx computed access log format:
Nginx global access log format:
Nginx access log path:
Nginx computed access log path: /var/log/nginx/watchdog-backend-api-access.log
Nginx global access log path: /var/log/nginx/watchdog-backend-api-access.log
Nginx bind address ipv4:
Nginx computed bind address ipv4:
Nginx global bind address ipv4:
Nginx bind address ipv6:
Nginx computed bind address ipv6: ::
Nginx global bind address ipv6: ::
Nginx client body timeout:
Nginx computed client body timeout: 60s
Nginx global client body timeout: 60s
Nginx client header timeout:
Nginx computed client header timeout: 60s
Nginx global client header timeout: 60s
Nginx client max body size:
Nginx computed client max body size: 1m
Nginx global client max body size: 1m
Nginx disable custom config:
Nginx computed disable custom config: false
Nginx global disable custom config: false
Nginx error log path:
Nginx computed error log path: /var/log/nginx/watchdog-backend-api-error.log
Nginx global error log path: /var/log/nginx/watchdog-backend-api-error.log
Nginx hsts include subdomains:
Nginx computed hsts include subdomains: true
Nginx global hsts include subdomains: true
Nginx hsts max age:
Nginx computed hsts max age: 15724800
Nginx global hsts max age: 15724800
Nginx hsts preload:
Nginx computed hsts preload: false
Nginx global hsts preload: false
Nginx hsts:
Nginx computed hsts: true
Nginx global hsts: true
Nginx last visited at:
Nginx keepalive timeout:
Nginx computed keepalive timeout: 75s
Nginx global keepalive timeout: 75s
Nginx lingering timeout:
Nginx computed lingering timeout: 5s
Nginx global lingering timeout: 5s
Nginx nginx conf sigil path:
Nginx computed nginx conf sigil path: nginx.conf.sigil
Nginx global nginx conf sigil path: nginx.conf.sigil
Nginx proxy buffer size:
Nginx computed proxy buffer size: 4k
Nginx global proxy buffer size: 4k
Nginx proxy buffering:
Nginx computed proxy buffering: on
Nginx global proxy buffering: on
Nginx proxy buffers:
Nginx computed proxy buffers: 8 4k
Nginx global proxy buffers: 8 4k
Nginx proxy busy buffers size:
Nginx computed proxy busy buffers size: 8k
Nginx global proxy busy buffers size: 8k
Nginx proxy connect timeout:
Nginx computed proxy connect timeout: 60s
Nginx global proxy connect timeout: 60s
Nginx proxy read timeout:
Nginx computed proxy read timeout: 60s
Nginx global proxy read timeout: 60s
Nginx proxy send timeout:
Nginx computed proxy send timeout: 60s
Nginx global proxy send timeout: 60s
Nginx send timeout:
Nginx computed send timeout: 60s
Nginx global send timeout: 60s
Nginx underscore in headers:
Nginx computed underscore in headers: off
Nginx global underscore in headers: off
Nginx x forwarded for value:
Nginx computed x forwarded for value: $remote_addr
Nginx global x forwarded for value: $remote_addr
Nginx x forwarded port value:
Nginx computed x forwarded port value: $server_port
Nginx global x forwarded port value: $server_port
Nginx x forwarded proto value:
Nginx computed x forwarded proto value: $scheme
Nginx global x forwarded proto value: $scheme
Nginx x forwarded ssl:
Nginx computed x forwarded ssl:
Nginx global x forwarded ssl:
=====> watchdog-backend-api openresty information
Openresty access log format:
Openresty access log path: /var/log/nginx/watchdog-backend-api-access.log
Openresty allowed letsencrypt domains func base64: cmV0dXJuIHRydWUK
Openresty bind address ipv4:
Openresty bind address ipv6: ::
Openresty client body timeout: 60s
Openresty client header timeout: 60s
Openresty client max body size:
Openresty error log path: /var/log/nginx/watchdog-backend-api-error.log
Openresty global hsts: true
Openresty computed hsts: true
Openresty hsts:
Openresty hsts include subdomains: true
Openresty hsts max age: 15724800
Openresty hsts preload: false
Openresty image: dokku/openresty-docker-proxy:0.9.1
Openresty keepalive timeout: 75s
Openresty letsencrypt email:
Openresty letsencrypt server: https://acme-v02.api.letsencrypt.org/directory
Openresty lingering timeout: 5s
Openresty proxy buffer size: 4k
Openresty proxy buffering: on
Openresty proxy buffers: 8 4k
Openresty proxy busy buffers size: 8k
Openresty proxy connect timeout: 60s
Openresty proxy read timeout: 60s
Openresty proxy send timeout: 60s
Openresty send timeout: 60s
Openresty underscore in headers: off
Openresty x forwarded for value: $remote_addr
Openresty x forwarded port value: $server_port
Openresty x forwarded proto value: $scheme
Openresty x forwarded ssl:
=====> watchdog-backend-api ports information
Ports map:
Ports map detected: http:80:5000
=====> watchdog-backend-api proxy information
Proxy computed type: nginx
Proxy enabled: true
Proxy global type: nginx
Proxy type:
=====> watchdog-backend-api ps information
Deployed: true
Processes: 1
Ps can scale: true
Ps computed procfile path: Procfile
Ps global procfile path: Procfile
Ps procfile path:
Ps restart policy: on-failure:10
Restore: true
Running: true
Status web 1: running (CID: 60755cdad77)
=====> watchdog-backend-api registry information
Registry computed image repo: dokku/watchdog-backend-api
Registry computed push on release: false
Registry computed server:
Registry global image repo template:
Registry global push on release:
Registry global server:
Registry image repo:
Registry push extra tags:
Registry push on release:
Registry server:
Registry tag version:
=====> watchdog-backend-api resource information
=====> watchdog-backend-api scheduler information
Scheduler computed selected: docker-local
Scheduler global selected: docker-local
Scheduler selected:
=====> watchdog-backend-api scheduler-docker-local information
Scheduler docker local init process: true
Scheduler docker local parallel schedule count:
=====> watchdog-backend-api scheduler-k3s information
Scheduler k3s computed deploy timeout: 300s
Scheduler k3s computed image pull secrets:
Scheduler k3s computed letsencrypt server: prod
Scheduler k3s computed namespace: default
Scheduler k3s computed rollback on failure: false
Scheduler k3s deploy timeout:
Scheduler k3s global deploy timeout: 300s
Scheduler k3s global image pull secrets:
Scheduler k3s global ingress class: nginx
Scheduler k3s global kube context:
Scheduler k3s global kubeconfig path: /etc/rancher/k3s/k3s.yaml
Scheduler k3s global letsencrypt email prod:
Scheduler k3s global letsencrypt email stag:
Scheduler k3s global letsencrypt server: prod
Scheduler k3s global namespace: default
Scheduler k3s global network interface: eth0
Scheduler k3s global rollback on failure: false
Scheduler k3s image pull secrets:
Scheduler k3s letsencrypt server:
Scheduler k3s namespace:
Scheduler k3s rollback on failure:
=====> watchdog-backend-api storage information
Storage build mounts:
Storage deploy mounts:
Storage run mounts:
=====> watchdog-backend-api traefik information
Traefik api enabled: false
Traefik api vhost: traefik.dokku.me
Traefik basic auth password:
Traefik basic auth username:
Traefik dashboard enabled: false
Traefik image: traefik:3.3.1
Traefik letsencrypt email:
Traefik letsencrypt server: https://acme-v02.api.letsencrypt.org/directory
Traefik log level: ERROR
Traefik http entry point: http
Traefik https entry point: https
How (deb/make) and where (AWS, VirtualBox, physical, etc.) was Dokku installed?:
I used the official setup script: sudo DOKKU_TAG=v0.35.15 bash bootstrap.sh
This is on an arm64 Debian 12 host with 2C and 4GB RAM (hosted on AWS, instance t4g.medium)
Additional information
- This all works on my local machine, meaning I've done
ssh-keyscanandssh ssh://dokku@...passing my private key. This is on a machine with Tailscale installed and running, so I'm a bit perplexed as to why the latter is failing in GitHub actions. - This all works when I use the host's real IP address instead of the one provided by tailscale (though that requires me to completely open port 22 which is not great, been trying to switch to Tailscale to avoid that security hole)
Any assistance would be much appreciated! Thanks.