Cannot install squidex using docker

doantranthanh · November 16, 2021, 11:39am

Hi Seb,

I tried to install Squidex on my local using docker compose.

I followed this tutorial

https://docs.squidex.io/01-getting-started/installation/platforms/install-on-docker

And using docker no proxy file which is https://github.com/Squidex/squidex-hosting/blob/master/docker-compose/docker-compose-noproxy.yml

I just changed squidex mongo image to latest. changed the ports to 8085:80

So the docker looks like

version: '2.3'
services:
  squidex_mongo:
    image: mongo:latest
    volumes:
      - /etc/squidex/mongo/db:/data/db
    networks:
      - internal
    restart: unless-stopped

  squidex_squidex:
    image: "squidex/squidex:5"
    ports:
      - "8085:80"
    environment:
      - URLS__BASEURL=https://${SQUIDEX_DOMAIN}
      - EVENTSTORE__TYPE=MongoDB
      - EVENTSTORE__MONGODB__CONFIGURATION=mongodb://squidex_mongo
      - STORE__MONGODB__CONFIGURATION=mongodb://squidex_mongo
      - IDENTITY__ADMINEMAIL=${SQUIDEX_ADMINEMAIL}
      - IDENTITY__ADMINPASSWORD=${SQUIDEX_ADMINPASSWORD}
      - IDENTITY__GOOGLECLIENT=${SQUIDEX_GOOGLECLIENT}
      - IDENTITY__GOOGLESECRET=${SQUIDEX_GOOGLESECRET}
      - IDENTITY__GITHUBCLIENT=${SQUIDEX_GITHUBCLIENT}
      - IDENTITY__GITHUBSECRET=${SQUIDEX_GITHUBSECRET}
      - IDENTITY__MICROSOFTCLIENT=${SQUIDEX_MICROSOFTCLIENT}
      - IDENTITY__MICROSOFTSECRET=${SQUIDEX_MICROSOFTSECRET}
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:5000/healthz"]
      start_period: 60s
    depends_on:
      - squidex_mongo
    volumes:
      - /etc/squidex/assets:/app/Assets
    networks:
      - internal
    restart: unless-stopped
    
networks:
  internal:
    driver: bridge

Then I tried to access to https://${SQUIDEX_DOMAIN}:8085 but it does not work.

Could you please help me?

Thanks

Sebastian · November 16, 2021, 4:52pm

For https you need a proxy that accepts https and creates the certificate for you. Either you use the version with caddy, which does it automatically or your configure cloudflare to point to your Squidex instance.

Squidex does not work without https (Chrome!!!) therefore a https reverse proxy is a must.

doantranthanh · December 3, 2021, 1:45pm

Hi Sebastian,

Thank you for your reply.

I found that if I use cloud.squidex.io as SQUIDEX_DOMAIN then it is working.

However if I change the SQUIDEX_DOMAIN for example corecms.local.squidex.io to something else the it does not work due to the following problem

squidex_proxy_1    | 2021/12/03 13:42:39 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/55074194000
squidex_proxy_1    | 2021/12/03 13:42:40 [ERROR] error: one or more domains had a problem:
squidex_proxy_1    | [corecms.local.squidex.io] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for corecms.local.squidex.io - check that a DNS record exists for this domain, url:
squidex_proxy_1    |  (challenge=http-01 remaining=[tls-alpn-01])
squidex_proxy_1    | 2021/12/03 13:42:42 [INFO] [corecms.local.squidex.io] acme: Obtaining bundled SAN certificate given a CSR
squidex_proxy_1    | 2021/12/03 13:42:43 [INFO] [corecms.local.squidex.io] AuthURL: https://acme-v02.api.letsencrypt.org/acme/authz-v3/55074230110
squidex_proxy_1    | 2021/12/03 13:42:43 [INFO] [corecms.local.squidex.io] acme: use tls-alpn-01 solver
squidex_proxy_1    | 2021/12/03 13:42:43 [INFO] [corecms.local.squidex.io] acme: Trying to solve TLS-ALPN-01
squidex_proxy_1    | 2021/12/03 13:42:43 http: TLS handshake error from 127.0.0.1:40956: EOF
squidex_proxy_1    | 2021/12/03 13:42:50 [INFO] Deactivating auth: https://acme-v02.api.letsencrypt.org/acme/authz-v3/55074230110
squidex_proxy_1    | 2021/12/03 13:42:50 [ERROR] error: one or more domains had a problem:
squidex_proxy_1    | [corecms.local.squidex.io] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for corecms.local.squidex.io - check that a DNS record exists for this domain, url:
squidex_proxy_1    |  (challenge=tls-alpn-01 remaining=[])
squidex_proxy_1    | 2021/12/03 13:42:52 [ERROR] attempt 1: [corecms.local.squidex.io] Obtain: [corecms.local.squidex.io] error: one or more domains had a problem:
squidex_proxy_1    | [corecms.local.squidex.io] acme: error: 400 :: urn:ietf:params:acme:error:dns :: DNS problem: NXDOMAIN looking up A for corecms.local.squidex.io - check that a DNS record exists for this domain, url:
squidex_proxy_1    |  - retrying in 1m0s (23.2334276s/720h0m0s elapsed)...
Gracefully stopping... (press Ctrl+C again to force)

Sorry I am not very familiar with Caddy so I think it is better to ask you .

Many thanks

doantranthanh · December 3, 2021, 1:48pm

this is my updated working docker-compose.yml

version: '2.3'
services:
  squidex_mongo:
    image: mongo
    volumes:
      - /etc/squidex/mongo/db:/data/db
    networks:
      - internal
    restart: unless-stopped

  squidex_squidex:
    image: "squidex/squidex:5"
    environment:
      - URLS__BASEURL=https://${SQUIDEX_DOMAIN}
      - EVENTSTORE__TYPE=MongoDB
      - EVENTSTORE__MONGODB__CONFIGURATION=mongodb://squidex_mongo
      - STORE__MONGODB__CONFIGURATION=mongodb://squidex_mongo
      - IDENTITY__ADMINEMAIL=${SQUIDEX_ADMINEMAIL}
      - IDENTITY__ADMINPASSWORD=${SQUIDEX_ADMINPASSWORD}
      - IDENTITY__GOOGLECLIENT=${SQUIDEX_GOOGLECLIENT}
      - IDENTITY__GOOGLESECRET=${SQUIDEX_GOOGLESECRET}
      - IDENTITY__GITHUBCLIENT=${SQUIDEX_GITHUBCLIENT}
      - IDENTITY__GITHUBSECRET=${SQUIDEX_GITHUBSECRET}
      - IDENTITY__MICROSOFTCLIENT=${SQUIDEX_MICROSOFTCLIENT}
      - IDENTITY__MICROSOFTSECRET=${SQUIDEX_MICROSOFTSECRET}
      - ASPNETCORE_URLS=http://+:5000
    healthcheck:
      test: ["CMD", "curl", "-f", "http://localhost:5000/healthz"]
      start_period: 60s
    depends_on:
      - squidex_mongo
    volumes:
      - /etc/squidex/assets:/app/Assets
    networks:
      - internal
    restart: unless-stopped

  squidex_proxy:
    image: squidex/caddy-proxy
    ports:
      - "3901:3901"
      - "6379:6379"
    environment:
      - SITE_ADDRESS=${SQUIDEX_DOMAIN}
      - SITE_SERVER="squidex_squidex:5000"
    volumes:
      - /etc/squidex/caddy/data:/data
      - /etc/squidex/caddy/config:/config
    depends_on:
      - squidex_squidex
    networks:
      - internal
    restart: unless-stopped
    
networks:
  internal:
    driver: bridge

And my .env

SQUIDEX_DOMAIN=cloud.squidex.io
SQUIDEX_ADMINEMAIL=admin@gmail.com
SQUIDEX_ADMINPASSWORD=Adm-Password1
SQUIDEX_GITHUBCLIENT=
SQUIDEX_GITHUBSECRET=
SQUIDEX_GOOGLECLIENT=
SQUIDEX_GOOGLESECRET=
SQUIDEX_MICROSOFTCLIENT=
SQUIDEX_MICROSOFTSECRET=