I have set up a Docker container with Squidex. To login, Squidex attempts to access the OpenID configuration address (
/identity-server/.well-known/openid-configuration) from the Base URL.
Squidex is setup via docker-compose with the following labels:
- "traefik.enable=true" - "traefik.http.routers.headless-secured.entrypoints=websecure" - "traefik.http.routers.headless-secured.rule=Host(`base-url`)" - "traefik.http.routers.headless-secured.tls.certresolver=httpchallenge" - "traefik.http.routers.headless-secured.tls=true" - "traefik.http.routers.headless.entrypoints=web" - "traefik.http.routers.headless.rule=Host(`base-url`)" - "traefik.http.middlewares.compress.compress=true" - "traefik.http.middlewares.redirect.redirectscheme.scheme=https" - "traefik.http.routers.headless.middlewares=compress,headings" - "traefik.http.routers.headless-secured.middlewares=compress,headings"
I can access the site via both HTTP and HTTPS from my browser.
When the Base URL of Squidex is set to use HTTP, the OpenID configuration is accessible. However, I have to disable the HTTPS redirection of Traefik, and this leaves my connection unsecured.
When the Base URL of Squidex is set the use HTTPS, I cannot login as the docker container cannot find the Open ID configuration. Note that this configuration is from a URL of the same container.
I have tried to
curl from inside the Squidex container via
docker exec -it container_name bash. When attempting
curl via HTTP, everything works great. However, when trying to
curl the HTTPS address, the connection is refused.
So, from within the container with traefik router
curl http://squidex.host-url = HTML file output curl https://squidex.host-url = <connection refused>
curl command can access other Traefik routed containers:
curl https://other-container-subdomain.host-url = <works fine>
Is there a way to allow the container to access its own HTTPS path from Traefik?