I followed this guide to set up headscale with Caddy, and tried to add Keycloak with this guide from the same guy.

Sadly, my Docker containers do not seem to be able to connect to the Keycloak server. What happens is that if I try to download the OpenID configuration from the host (via wget) or from my local PC, it just works. But the headscale server gets a timeout when trying to connect to the endpoint. When I use the internal Docker name to connect to the Keycloak container, the connection works fine, but then I get an error because it's not the external URL.

I experimented a bit and managed to reproduce the issue with a different container (running an Ubuntu container and also getting a timeout when trying to download the config from Keycloak). If I run the container with the host network, it works just fine.

Does anyone know how to fix this?

PS: I also tried the example from the guide with Gitea and it's also the same problem.

Update: I tried most suggestions and for some reason it just didn't work. My solution that is working now is that I bind the container ports to localhost only (e.g. by using ports: - "127.0.0.1:4567:8080") and use the Caddy server in host network mode. Now all containers can connect as expected and are working flawlessly. Thanks for all your suggestions :)
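The layout described in the update, as an added sketch that is not part of the original post or the guide: Caddy runs in host network mode and each backend publishes its port on the loopback address only. Service names, image tags, hostnames, file paths and every port except 4567:8080 are assumptions; Keycloak database settings are omitted.

```yaml
# docker-compose.yml (constructed example; names, tags and paths are assumptions)
services:
  caddy:
    image: caddy:2
    network_mode: host            # Caddy binds the host's 80/443 directly; no "ports:" here
    volumes:
      - ./Caddyfile:/etc/caddy/Caddyfile:ro
      - caddy_data:/data
    restart: unless-stopped

  keycloak:
    image: quay.io/keycloak/keycloak:latest
    command: start
    environment:
      KC_HOSTNAME: keycloak.example.com   # placeholder external hostname
      KC_HTTP_ENABLED: "true"             # plain HTTP behind Caddy, which terminates TLS
      KC_PROXY_HEADERS: xforwarded        # trust X-Forwarded-* set by Caddy
    ports:
      # Weak form: "4567:8080" publishes on 0.0.0.0, so the plain-HTTP
      # port is reachable from other machines and bypasses Caddy.
      # Corrected form: loopback only, reachable by host-network Caddy.
      - "127.0.0.1:4567:8080"
    restart: unless-stopped

  headscale:
    image: headscale/headscale:latest
    command: serve
    volumes:
      - ./headscale/config:/etc/headscale
      # In config.yaml the OIDC issuer stays the external URL
      # (placeholder realm), not the internal container name:
      #   oidc:
      #     issuer: "https://keycloak.example.com/realms/<realm>"
    ports:
      - "127.0.0.1:8081:8080"     # assumed host port for headscale
    restart: unless-stopped

volumes:
  caddy_data:

# Matching Caddyfile (assumed hostnames):
#   keycloak.example.com  { reverse_proxy 127.0.0.1:4567 }
#   headscale.example.com { reverse_proxy 127.0.0.1:8081 }
```

After `docker compose up -d`, `ss -tln` on the host should show 4567 and 8081 listening on 127.0.0.1 only, with 80 and 443 owned by Caddy.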

    • @[email protected]
      29 months ago

      I think it would be easier to use only one Docker Compose file with all services, and use the same network across all of them.

    • @[email protected]
      19 months ago

      This is a long shot, but the Keycloak container is connected to 2 networks. Does this cause a problem?

      I'm saying this because Traefik needs you to specify on the labels which Docker network it should use. Maybe there is something similar.

      But as I said, this is a very long shot and it's probably BS.