this post was submitted on 13 Sep 2023
I followed this guide to set up Headscale with Caddy, and tried to add Keycloak with this guide from the same guy.

Sadly, my Docker containers do not seem to be able to connect to the Keycloak server. What happens is that if I try to download the OpenID configuration from the host (via wget) or from my local PC, it just works. But the Headscale server gets a timeout when trying to connect to the endpoint. When I use the internal Docker name to connect to the Keycloak container, the connection works fine, but then I get an error because it's not the external URL.

I experimented a bit and managed to reproduce the issue with a different container (running an Ubuntu container and also getting a timeout when trying to download the config from Keycloak). If I run the container with the host network, it works just fine.

Does anyone know how to fix this?

PS: I also tried the example from the guide with Gitea and it's the same problem.

Update: I tried most suggestions and for some reason it just didn't work. My solution that is working now is that I bind the container ports to localhost only (e.g. by using ports: - "127.0.0.1:4567:8080") and use the Caddy server in host network mode. Now all containers can connect as expected and are working flawlessly. Thanks for all your suggestions :)
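
The workaround from the update, as an added compose sketch that is not part of the original post or the linked guides. Service names, image tags, the second host port and the `example.com` hostnames are assumptions; only `127.0.0.1:4567:8080` comes from the post.

```yaml
# Added illustration. Only the networking-relevant keys are shown; command,
# environment and volume settings of Keycloak and Headscale stay as they are
# in the existing setup.
services:
  caddy:
    image: caddy:2
    # Host network mode: Caddy binds 80/443 directly on the host and can
    # reach the host's loopback interface, so it needs no "ports:" section.
    network_mode: host
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
      - caddy_data:/data

  keycloak:
    image: quay.io/keycloak/keycloak:latest   # assumed image tag
    ports:
      # Loopback-only publish, as in the update. A bare "4567:8080" would
      # listen on every host interface, and Docker's own iptables rules for
      # published ports are not filtered by typical host firewall front ends
      # such as ufw.
      - "127.0.0.1:4567:8080"

  headscale:
    image: headscale/headscale:latest         # assumed image tag
    ports:
      - "127.0.0.1:4568:8080"                 # assumed host port

volumes:
  caddy_data:

# Matching Caddyfile, with placeholder public hostnames:
#
#   auth.example.com {
#       reverse_proxy 127.0.0.1:4567
#   }
#
#   hs.example.com {
#       reverse_proxy 127.0.0.1:4568
#   }
```

With this layout the backends are reachable from outside the host only through Caddy; `ss -ltn` on the host should show 4567 and 4568 bound to 127.0.0.1 rather than 0.0.0.0.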

[email protected] 1 points 1 year ago

This is a long shot, but the Keycloak container is connected to 2 networks; does this cause a problem?

I'm saying this because Traefik needs you to specify in the labels which Docker network it should use. Maybe there is something similar.

But as I said, this is a very long shot and it's probably bs.