Identity server with https

Hi Sebastian,

I have hosted squidex and mongo with https. On the same node I have configured identity server. But identity server is with http. How to get identity server with https?

Hi, if you use the dockerfile you can use the nginx sidecar and lets encrypt sidecar.

They look for these environment variables:

- LETSENCRYPT_HOST=${SQUIDEX_DOMAIN}
- LETSENCRYPT_EMAIL=${SQUIDEX_ADMINEMAIL}
- VIRTUAL_HOST=${SQUIDEX_DOMAIN}

I am already using nginx and letsencrypt for squidex and mongo

```yaml
version: '2.1'

services:
  squidex_mongo:
    image: mongo:latest
    ports:
      - "27017:27017"
    volumes:
      - /etc/squidex/mongo/db:/data/db
    networks:
      - internal
    restart: unless-stopped

  squidex_squidex:
    image: "squidex/squidex:latest"
    ports:
      - "5000:80"
    environment:
      - URLS__BASEURL=${SQUIDEX_PROTOCOL}://${SQUIDEX_DOMAIN}/
      - URLS__ENFORCEHTTPS=${SQUIDEX_FORCE_HTTPS}
      - EVENTSTORE__MONGODB__CONFIGURATION=mongodb://squidex_mongo
      - STORE__MONGODB__CONFIGURATION=mongodb://squidex_mongo
      - IDENTITY__ADMINEMAIL=${SQUIDEX_ADMINEMAIL}
      - IDENTITY__ADMINPASSWORD=${SQUIDEX_ADMINPASSWORD}
      - IDENTITY__GOOGLECLIENT=${SQUIDEX_GOOGLECLIENT}
      - IDENTITY__GOOGLESECRET=${SQUIDEX_GOOGLESECRET}
      - IDENTITY__GITHUBCLIENT=${SQUIDEX_GITHUBCLIENT}
      - IDENTITY__GITHUBSECRET=${SQUIDEX_GITHUBSECRET}
      - IDENTITY__MICROSOFTCLIENT=${SQUIDEX_MICROSOFTCLIENT}
      - IDENTITY__MICROSOFTSECRET=${SQUIDEX_MICROSOFTSECRET}
      - LETSENCRYPT_HOST=${SQUIDEX_DOMAIN}
      - LETSENCRYPT_EMAIL=${SQUIDEX_ADMINEMAIL}
      - VIRTUAL_HOST=${SQUIDEX_DOMAIN}
    depends_on:
      - squidex_mongo
    volumes:
      - /etc/squidex/assets:/app/Assets
    networks:
      - internal
    restart: unless-stopped

  squidex_proxy:
    image: squidex/nginx-proxy
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /etc/squidex/nginx/vhost.d:/etc/nginx/vhost.d
      - /etc/squidex/nginx/certs:/etc/nginx/certs:ro
      - /etc/squidex/nginx/html:/usr/share/nginx/html
      - /var/run/docker.sock:/tmp/docker.sock:ro
    depends_on:
      - squidex_squidex
    networks:
      - internal
    labels:
      - com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy
    restart: unless-stopped

  squidex_encrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    volumes:
      - /etc/squidex/nginx/certs:/etc/nginx/certs:rw
      - /var/run/docker.sock:/var/run/docker.sock:ro
    volumes_from:
      - squidex_proxy
    depends_on:
      - squidex_proxy
    networks:
      - internal
    restart: unless-stopped

networks:
  internal:
    driver: bridge
```

Please use code blocks for formatting, it is very hard to read.

BTW: How do you host identity server? Do you have your own docker-compose for that?

For identity server,

  1. I have cloned the squidex/identity repo.
  2. Then I edited /root/squidex-identity/Squidex.Identity/appsettings.json.
  3. Then built the image from the Dockerfile (from squidexidentity repo).
  4. Started the container: `docker run -itd --name identity -p 8081:80 <container id>`

You do not have to touch appsettings.json file, everything can be done with environment variables.

I would add squidex-identity to the same dockerfile, something like this:

```yaml
  squidex_identity:
    image: "squidex/squidex-identity:latest"
    ports:
      - "6000:80"
    environment:
      - STORE__MONGODB__CONFIGURATION=mongodb://squidex_mongo
      - LETSENCRYPT_HOST=identity.mydomain.com
      - LETSENCRYPT_EMAIL=admin@mydomain.com
      - VIRTUAL_HOST=identity.mydomain.com
    depends_on:
      # Must match the service names defined in the compose file above
      - squidex_squidex
      - squidex_mongo
    networks:
      - internal
    restart: unless-stopped
```

I added the above to docker compose. I used the image which I built for identity. Squidex CMS is working with https, but I am unable to open the identity home page in the browser.

```yaml
version: '2.1'

services:
  squidex_mongo:
    image: mongo:latest
    ports:
      - "27017:27017"
    volumes:
      - /etc/squidex/mongo/db:/data/db
    networks:
      - internal
    restart: unless-stopped

  squidex_squidex:
    image: "squidex/squidex:latest"
    ports:
      - "5000:80"
    environment:
      - URLS__BASEURL=${SQUIDEX_PROTOCOL}://${SQUIDEX_DOMAIN}/
      - URLS__ENFORCEHTTPS=${SQUIDEX_FORCE_HTTPS}
      - EVENTSTORE__MONGODB__CONFIGURATION=mongodb://squidex_mongo
      - STORE__MONGODB__CONFIGURATION=mongodb://squidex_mongo
      - IDENTITY__ADMINEMAIL=${SQUIDEX_ADMINEMAIL}
      - IDENTITY__ADMINPASSWORD=${SQUIDEX_ADMINPASSWORD}
      - IDENTITY__GOOGLECLIENT=${SQUIDEX_GOOGLECLIENT}
      - IDENTITY__GOOGLESECRET=${SQUIDEX_GOOGLESECRET}
      - IDENTITY__GITHUBCLIENT=${SQUIDEX_GITHUBCLIENT}
      - IDENTITY__GITHUBSECRET=${SQUIDEX_GITHUBSECRET}
      - IDENTITY__MICROSOFTCLIENT=${SQUIDEX_MICROSOFTCLIENT}
      - IDENTITY__MICROSOFTSECRET=${SQUIDEX_MICROSOFTSECRET}
      - LETSENCRYPT_HOST=${SQUIDEX_DOMAIN}
      - LETSENCRYPT_EMAIL=${SQUIDEX_ADMINEMAIL}
      - VIRTUAL_HOST=${SQUIDEX_DOMAIN}
    depends_on:
      - squidex_mongo
    volumes:
      - /etc/squidex/assets:/app/Assets
    networks:
      - internal
    restart: unless-stopped

  squidex_proxy:
    image: squidex/nginx-proxy
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - /etc/squidex/nginx/vhost.d:/etc/nginx/vhost.d
      - /etc/squidex/nginx/certs:/etc/nginx/certs:ro
      - /etc/squidex/nginx/html:/usr/share/nginx/html
      - /var/run/docker.sock:/tmp/docker.sock:ro
    depends_on:
      - squidex_squidex
    networks:
      - internal
    labels:
      - com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy
    restart: unless-stopped

  squidex_encrypt:
    image: jrcs/letsencrypt-nginx-proxy-companion
    volumes:
      - /etc/squidex/nginx/certs:/etc/nginx/certs:rw
      - /var/run/docker.sock:/var/run/docker.sock:ro
    volumes_from:
      - squidex_proxy
    depends_on:
      - squidex_proxy
    networks:
      - internal
    restart: unless-stopped

  squidex_identity:
    image: idenity
    ports:
      - "6000:80"
    environment:
      - STORE__MONGODB__CONFIGURATION=mongodb://squidex_mongo
      - LETSENCRYPT_HOST=identity.testingsquidex.centralus.cloudapp.azure.com
      - LETSENCRYPT_EMAIL=admin@mydomain.com
      - VIRTUAL_HOST=identity.testingsquidex.centralus.cloudapp.azure.com
    depends_on:
      - squidex_squidex
      - squidex_mongo
    networks:
      - internal
    restart: unless-stopped

networks:
  internal:
    driver: bridge
```

I only answer to well formatted posts from now on :smiley:

Please use the code formatting with ```
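
Added example, not part of the original thread and not Squidex's own code: a small Python check over a compose file like the ones posted above. It flags services routed through the nginx proxy (`VIRTUAL_HOST`) whose `LETSENCRYPT_HOST` is missing or different, since the companion only requests certificates for `LETSENCRYPT_HOST` names, and flags backends whose port 80 is also published on the host, where it stays reachable over plain HTTP. The sample file, hostnames and function names are constructed for illustration; it assumes one hostname per service and backends listening on container port 80, as in this thread.

```python
# Constructed sample, not from the thread; hostnames are placeholders.
SAMPLE = """\
services:
  squidex_squidex:
    ports:
      - "5000:80"
    environment:
      - LETSENCRYPT_HOST=cms.example.test
      - VIRTUAL_HOST=cms.example.test
  squidex_identity:
    environment:
      - VIRTUAL_HOST=identity.example.test
"""

def parse_services(text):
    """Parse only the compose subset used here: service -> key -> list items."""
    services, svc, key, active = {}, None, None, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip())
        if indent == 0:  # top-level key such as services: or networks:
            active, svc = line == "services:", None
        elif active and indent == 2 and line.endswith(":"):
            svc, key = services.setdefault(line[:-1], {}), None
        elif active and svc is not None and line.startswith("- "):
            if key:
                svc.setdefault(key, []).append(line[2:].strip().strip("\"'"))
        elif active and svc is not None:
            key = line.split(":", 1)[0]
    return services

def check_tls(services):
    """Return (service, issue) pairs for proxied services left on plain HTTP."""
    findings = []
    for name, cfg in services.items():
        env = dict(e.split("=", 1) for e in cfg.get("environment", []) if "=" in e)
        vhost, cert = env.get("VIRTUAL_HOST"), env.get("LETSENCRYPT_HOST")
        if vhost and cert != vhost:
            findings.append((name, f"LETSENCRYPT_HOST={cert!r} does not match VIRTUAL_HOST"))
        for port in cfg.get("ports", []):
            host_port, _, target = port.rpartition(":")
            if vhost and host_port and target.split("/")[0] == "80":
                findings.append((name, f"host port {host_port} serves plain HTTP past the proxy"))
    return findings

if __name__ == "__main__":
    for service, issue in check_tls(parse_services(SAMPLE)):
        print(f"{service}: {issue}")
```
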