I am trying to setup traefik-forward-auth with dex.
Here is an example setup that works - GitHub - genert/traefik_with_dex
If you visit the website, it redirects to the wrong url e.g http://dex.testing.internal:5556/auth?client_id=forward-auth&redirect_uri=http%3A%2F%2Ftesting.internal%2F_oauth&response_type=code&scope=openid+profile+email&state=6d8953aad28c968addbe6c208e00fd6d%3Aoidc%3Ahttp%3A%2F%2Ftesting.internal%2F
The URL is wrong because it contains 5556 port. Removing the port from the URL makes it work.
I tried it without ports in both dex issuer conf and changing PROVIDERS_OIDC_ISSUER_URL without port.
However, then the following error happens when booting the containers:
traefik_with_dex-traefik-forward-auth-1 | time="2023-01-11T15:05:45Z" level=fatal msg="Get http://dex.testing.internal/.well-known/openid-configuration: dial tcp 172.20.0.3:80: connect: connection refused"
Which means the dex is not accessible from the forward auth even though it open in the browser.
I added the following network alias for the dex container:
networks:
testing:
aliases:
- dex.testing.internal
However, it did not solve the issue.
Does Traefik work differently for internal container connection?
Any ideas how to fix it?