Configuration with Application Deployment - Connect to all AMP services via Tailscale only

System Information

| Field | Value |
|---|---|
| Operating System | Linux - Ubuntu 24.04.2 on x86_64 |
| Product | AMP ‘Phobos’ v2.6.2.0 (Mainline) |
| Virtualization | None |
| Application | Application Deployment |
| Module | ADSModule |
| Running in Container | No |
| Current State | Indeterminate |

Problem Description

Issue

I host a homelab server and I don't need HTTPS. I don't even want to expose my server to the internet outside of Tailscale. I would like to have the 8080 web UI and the 12820 metrics server connect via Tailscale only. I essentially want to have AMP and all servers running on AMP connect via Tailscale only. If I try to delete the default ufw rules, AMP keeps adding them back for TCP and UDP.

Reproduction Steps

  • Delete ufw rules made by AMP
  • Add custom rules to route traffic via Tailscale on any port AMP will use (8080, 12820 and server ports)
  • Went through the web UI - disabled automatic firewall rule creation via AMP
  • Searched in /home/amp/.ampdata/instances/ADS01/ for /etc/AMPConfig.conf - does not exist
  • Added the /etc/AMPConfig.conf - BindIP=(my Tailscale IP) - still was superseded by the auto TCP/UDP rules made by AMP in ufw

You can disable and mask ampfirewall.timer and ampfirewall.service to stop AMP creating firewall rules completely.
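
One way to apply the suggestion above and then confirm that no AMP port is still open outside Tailscale, as an added example that is not from the thread or from CubeCoders. It assumes the Tailscale interface is named `tailscale0` (the Linux default) and that ufw is the active firewall; the function names and the sample `ufw status` text are constructed for illustration.

```shell
#!/bin/sh
# Added example. Only the two ampfirewall units and ports 8080/12820 come from
# the thread; the interface name and function names are assumptions.
TS_IF="tailscale0"
AMP_PORTS="8080 12820"

# Apply the suggestion (run as root): stop AMP's rule generator, then allow the
# AMP ports only on the Tailscale interface. Defined here, never called here.
lock_down() {
    systemctl disable --now ampfirewall.timer ampfirewall.service
    systemctl mask ampfirewall.timer ampfirewall.service
    for p in $AMP_PORTS; do
        ufw allow in on "$TS_IF" to any port "$p" proto tcp
    done
}

# Read `ufw status` text on stdin and print every ALLOW rule for an AMP port
# that is not scoped to the Tailscale interface. Exit status 1 if any is found.
audit_ufw_status() {
    awk -v ports="$AMP_PORTS" -v ifc="$TS_IF" '
        BEGIN { n = split(ports, a, " "); for (i = 1; i <= n; i++) want[a[i]] = 1 }
        / ALLOW / {
            split($1, t, "/")                  # "8080/tcp" -> port "8080"
            if (!(t[1] in want)) next          # not an AMP port
            if ($0 ~ (" on " ifc " ")) next    # interface-scoped rule is fine
            print "EXPOSED: " $0; bad = 1
        }
        END { exit bad + 0 }'
}

# Constructed sample of `ufw status` output, with leftover AMP-created rules.
sample_status() {
    cat <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
8080/tcp                   ALLOW       Anywhere
8080/tcp on tailscale0     ALLOW       Anywhere
12820/tcp on tailscale0    ALLOW       Anywhere
8080/tcp (v6)              ALLOW       Anywhere (v6)
EOF
}
```

On a live host, `ufw status | audit_ufw_status` run after `lock_down` shows any rule for these ports that still needs deleting; game server ports can be added to `AMP_PORTS`.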