Bind puma to 0.0.0.0 and allow Tailscale host #5

New issue

Closed

opened 2026-05-19 11:12:59 +00:00 by ldraney · 0 comments

ldraney commented 2026-05-19 11:12:59 +00:00

Owner

Copy link

Type

Bug

Lineage

Standalone — discovered deploying mdview behind Tailscale Funnel tunnel.

Repo

ldraney/mdview

What Broke

Two issues prevented tunnel access: (1) Puma bound to 127.0.0.1, unreachable from the cluster nginx proxy over Tailscale. (2) Rails host authorization returned 403 for mdview.tail5b443a.ts.net requests.

Repro Steps

1. Start mdview with mdview README.md
2. ss -tlnp | grep 3137 shows 127.0.0.1:3137
3. Cluster nginx proxy cannot reach puma — 502
4. After fixing binding, curl https://mdview.tail5b443a.ts.net/ returns 403 (Rails host check)

Expected Behavior

Puma binds to 0.0.0.0:3137 and Rails accepts requests from the Tailscale Funnel domain.

Environment

• Local: archbox (Rails development mode)
• Tunnel: mdview namespace on prod cluster
• Related alerts: none

Acceptance Criteria

• Puma binds to 0.0.0.0:3137
• Rails accepts *.tail5b443a.ts.net host header
• mdview.tail5b443a.ts.net returns 200 when puma is up

Related

• mdview — the markdown viewer project

### Type Bug ### Lineage Standalone — discovered deploying mdview behind Tailscale Funnel tunnel. ### Repo `ldraney/mdview` ### What Broke Two issues prevented tunnel access: (1) Puma bound to `127.0.0.1`, unreachable from the cluster nginx proxy over Tailscale. (2) Rails host authorization returned 403 for `mdview.tail5b443a.ts.net` requests. ### Repro Steps 1. Start mdview with `mdview README.md` 2. `ss -tlnp | grep 3137` shows `127.0.0.1:3137` 3. Cluster nginx proxy cannot reach puma — 502 4. After fixing binding, `curl https://mdview.tail5b443a.ts.net/` returns 403 (Rails host check) ### Expected Behavior Puma binds to `0.0.0.0:3137` and Rails accepts requests from the Tailscale Funnel domain. ### Environment - Local: archbox (Rails development mode) - Tunnel: mdview namespace on prod cluster - Related alerts: none ### Acceptance Criteria - [ ] Puma binds to `0.0.0.0:3137` - [ ] Rails accepts `*.tail5b443a.ts.net` host header - [ ] `mdview.tail5b443a.ts.net` returns 200 when puma is up ### Related - `mdview` — the markdown viewer project

ldraney referenced this issue from a pull request that will close it, 2026-05-19 11:13:10 +00:00

Bind puma to 0.0.0.0 and allow Tailscale host #6

ldraney closed this issue 2026-05-19 11:18:07 +00:00

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

No results found.

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

ldraney/mdview#5

No description provided.