SYSTEM Cited by 1 source
Fly GraphQL API¶
The Fly GraphQL API is Fly.io's customer-facing control plane for CLI + programmatic operations. The 2024-03-12 JIT WireGuard post narrates its role in the peer-provisioning path:
"The first time it runs, the agent generates a new WireGuard peer configuration from our GraphQL API. WireGuard peer configurations are very simple: just a public key and an address to connect to. Our API in turn takes that peer configuration and sends it to the appropriate gateway (say,
ord, if you're near Chicago) via an RPC we send over the NATS messaging system." (Source: sources/2024-03-12-flyio-jit-wireguard-peers)
Pre-JIT it pushed peer configs to gateways over
NATS. Post-JIT it exposes an internal HTTP
API that gateways pull from on handshake arrival —
authoritative source of truth for per-pubkey peer config,
consulted by wggwd when its SQLite rate-limit cache misses.
(Source: sources/2024-03-12-flyio-jit-wireguard-peers)
Seen in¶
- sources/2024-03-12-flyio-jit-wireguard-peers — peer provisioning control plane.
Related¶
- systems/fly-flyctl — primary client.
- systems/fly-gateway — pull counterpart post-JIT.
- systems/wggwd — gateway-side HTTP client.
- systems/nats — deprecated pre-JIT push transport.
- concepts/jit-peer-provisioning — the pattern consuming this API from the gateway side.
- companies/flyio.