Docker local deploy #7497

jmalla.cp created 8 months ago

ABP Framework version: v6.0.1
UI Type: MVC
Database System: EF Core (PostgreSQL)
Tiered (for MVC) or Auth Server Separated (for Angular): Tired
Exception message and full stack trace:
Steps to reproduce the issue:

Hi,

I'm trying to run my project with Docker on my local computer because I want to check if the updates work correctly on a tablet before pushing the code to production.

The all containers up correctly, migrations, and I can access, https://pc01:44353/, but I can't login, because I get the error 500

And this is the Excception of webapp-web: 2024-07-12 11:18:47.622 +00:00 [ERR] [] [] An unhandled exception has occurred while executing the request. System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'http://webapp-authserver/.well-known/openid-configuration'. ---> System.IO.IOException: IDX20807: Unable to retrieve document from: 'http://webapp-authserver/.well-known/openid-configuration'. HttpResponseMessage: 'StatusCode: 400, ReasonPhrase: 'Bad Request', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers: { Date: Fri, 12 Jul 2024 11:18:47 GMT Server: Kestrel X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN Content-Length: 168 Content-Type: application/json; charset=UTF-8 }', HttpResponseMessage.Content: '{ "error": "invalid_request", "error_description": "This server only accepts HTTPS requests.", "error_uri": "https://documentation.openiddict.com/errors/ID2083" }'. at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel) at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel) at Microsoft.IdentityModel.Protocols.ConfigurationManager1.GetConfigurationAsync(CancellationToken cancel) --- End of inner exception stack trace --- at Microsoft.IdentityModel.Protocols.ConfigurationManager1.GetConfigurationAsync(CancellationToken cancel) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsyncInternal(AuthenticationProperties properties) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsync(AuthenticationProperties properties) at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.ChallengeAsync(AuthenticationProperties properties) at Microsoft.AspNetCore.Authentication.AuthenticationService.ChallengeAsync(HttpContext context, String scheme, AuthenticationProperties properties) at Microsoft.AspNetCore.Mvc.ChallengeResult.ExecuteResultAsync(ActionContext context) at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.

Here you can see my docker-compose.yml

services:
  webapp-web:
    image: cincaporc/webapp-web:latest
    container_name: webapp-web
    build:
      context: ../../
      dockerfile: src/Cincaporc.WebApp.Web/Dockerfile.local
    environment:
      - ASPNETCORE_URLS=https://+:443;http://+:80;
      - Kestrel__Certificates__Default__Path=/root/certificate/pc01.pfx
      - Kestrel__Certificates__Default__Password=123456
      - App__SelfUrl=https://pc01:44353
      - AuthServer__RequireHttpsMetadata=false
      - AuthServer__IsContainerizedOnLocalhost=true
      - AuthServer__MetaAddress=http://webapp-authserver
      - AuthServer__Authority=https://pc01:44334
      - RemoteServices__Default__BaseUrl=http://webapp-api
      - RemoteServices__AbpAccountPublic__BaseUrl=http://webapp-authserver
      - App__MVCPublicUrl=https://pc01:44355
      - ConnectionStrings__Default=Host=db-server;Database=ExtranetDev;User Id=cincaporclocal;Password=cincaporclocal;Timeout=60;
      - Redis__Configuration=redis
    ports:
      - "44353:443"
    depends_on:
      - webapp-api
    restart: on-failure
    volumes:
      - ./certs:/root/certificate
    networks:
      - abp-network

  webapp-web-public:
    image: cincaporc/webapp-web-public:latest
    container_name: webapp-web-public
    build:
      context: ../../
      dockerfile: src/Cincaporc.WebApp.Web.Public/Dockerfile.local
    environment:
      - ASPNETCORE_URLS=https://+:443;http://+:80;
      - Kestrel__Certificates__Default__Path=/root/certificate/pc01.pfx
      - Kestrel__Certificates__Default__Password=123456
      - App__SelfUrl=https://pc01:44355
      - App__Timing__TimeZone=Europe/Madrid
      - AuthServer__RequireHttpsMetadata=false
      - AuthServer__IsContainerizedOnLocalhost=true
      - AuthServer__MetaAddress=http://webapp-authserver
      - AuthServer__Authority=https://pc01:44334
      - AuthServer__ClientId=WebApp_Web_Public_Tiered
      - AuthServer__ClientSecret=g0gMs#4j2r
      - RemoteServices__Default__BaseUrl=http://webapp-api
      - RemoteServices__AbpAccountPublic__BaseUrl=http://webapp-authserver
      - Redis__Configuration=redis
    ports:
      - "44355:443"
    depends_on:
      - webapp-api
    restart: on-failure
    volumes:
      - ./certs:/root/certificate
    networks:
      - abp-network

  webapp-api:
    image: cincaporc/webapp-api:latest
    container_name: webapp-api
    build:
      context: ../../
      dockerfile: src/Cincaporc.WebApp.HttpApi.Host/Dockerfile.local
    environment:
      - ASPNETCORE_URLS=https://+:443;http://+:80;
      - Kestrel__Certificates__Default__Path=/root/certificate/pc01.pfx
      - Kestrel__Certificates__Default__Password=123456
      - App__SelfUrl=https://pc01:44354
      - App__MVCPublicUrl=https://pc01:44355
      - App__CorsOrigins=https://pc01:44353,https://pc01:44355,http://webapp-web,http://webapp-web-public
      - App__Timing__TimeZone=Europe/Madrid
      - AuthServer__RequireHttpsMetadata=false
      - AuthServer__Authority=http://webapp-authserver
      - AuthServer__SwaggerClientId=WebApp_Swagger
      - ConnectionStrings__Default=Host=db-server;Database=ExtranetDev;User Id=cincaporclocal;Password=cincaporclocal;Timeout=60;
      - Redis__Configuration=redis
      - Settings__ErpService.ErpSelected=Fake
      - StringEncryption__DefaultPassPhrase=fQVpnvGGdYZ5DqcG
    ports:
      - "44354:443"
    depends_on:
      db-server:
        condition: service_healthy
      redis:
        condition: service_healthy
    restart: on-failure
    volumes:
      - ./certs:/root/certificate
    networks:
      - abp-network
  
  webapp-authserver:
    image: cincaporc/webapp-authserver:latest
    container_name: webapp-authserver
    build:
      context: ../../
      dockerfile: src/Cincaporc.WebApp.AuthServer/Dockerfile.local
    environment:
      - ASPNETCORE_URLS=https://+:443;http://+:80;
      - App__SelfUrl=https://pc01:44334
      - App__CorsOrigins=https://pc01:44353,https://pc01:44354,https://pc01:44355,http://webapp-web
      - App__RedirectAllowedUrls=https://pc01:44353,https://pc01:44354,https://pc01:44355
      - App__Timing__Timezone=Europe/Madrid
      - AuthServer__RequireHttpsMetadata=false
      - AuthServer__Authority=http://webapp-authserver
      - AuthServer__SetSelfAsIssuer=true
      - Kestrel__Certificates__Default__Path=/root/certificate/pc01.pfx
      - Kestrel__Certificates__Default__Password=123456
      - ConnectionStrings__Default=Host=db-server;Database=ExtranetDev;User Id=cincaporclocal;Password=cincaporclocal;Timeout=60;
      - StringEncryption__DefaultPassPhrase=fQVpnvGGdYZ5DqcG
      - Redis__Configuration=redis
      - Redis__IsEnabled=false
      - Settings__Abp.Account.IsSelfRegistrationEnabled=false
    ports:
      - "44334:443"
    depends_on:
      db-server:
        condition: service_healthy
      redis:
        condition: service_healthy
    restart: on-failure
    volumes:
      - ./certs:/root/certificate
    networks:
      - abp-network

  db-migrator:
    image: cincaporc/webapp-db-migrator:latest
    container_name: db-migrator
    build:
      context: ../../
      dockerfile: src/WebApp.DbMigrator/Dockerfile.local
    environment:
      - OpenIddict__Applications__WebApp_Web__RootUrl=https://pc01:44353
      - OpenIddict__Applications__WebApp_Web__ClientId=WebApp_Web
      - OpenIddict__Applications__WebApp_Web__ClientSecret=Pd&^901A
      - OpenIddict__Applications__WebApp_Swagger__RootUrl=https://pc01:44354
      - OpenIddict__Applications__WebApp_Swagger__ClientId=WebApp_Swagger
      - OpenIddict__Applications__WebApp_Swagger__ClientSecret=cE64h!3P
      - OpenIddict__Applications__WebApp_Web_Public__RootUrl=https://pc01:44355
      - OpenIddict__Applications__WebApp_Web_Public__ClientId=WebApp_Web_Public
      - OpenIddict__Applications__WebApp_Web_Public__ClientSecret=g0gMs#4j2r
      - OpenIddict__Applications__WebApp_Web_Public_Tiered__RootUrl=https://pc01:44355
      - OpenIddict__Applications__WebApp_Web_Public_Tiered__ClientId=WebApp_Web_Public_Tiered
      - OpenIddict__Applications__WebApp_Web_Public_Tiered__ClientSecret=g0gMs#4j2r
      - ConnectionStrings__Default=Host=db-server;Database=ExtranetDev;User Id=cincaporclocal;Password=cincaporclocal;Timeout=60;
    depends_on:
      db-server:
        condition: service_healthy
    networks:
      - abp-network
  
  db-server:
    container_name: db-server
    image: postgres
    ports:
      - "1434:5432"
    environment:
      - POSTGRES_PASSWORD=cincaporclocal
      - POSTGRES_USER=cincaporclocal
      - POSTGRES_DB=ExtranetDev
      - PGDATA=/var/lib/postgresql/data/pgdata
    volumes:
      - dbdata:/var/lib/postgresql/data
    networks:
      - abp-network
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
      interval: 10s
      timeout: 3s
      retries: 10
      start_period: 10s

  redis:
    container_name: redis
    image: redis:alpine
    ports:
      - "6379:6379"
    networks:
      - abp-network
    healthcheck:
      test: ["CMD", "redis-cli","ping"]

volumes:
  dbdata:
    name: webapp_dbdata

networks:
  abp-network:
    name: webapp-network
    driver: bridge

maliming created 8 months ago

Support Team Fullstack Developer

{
    "error": "invalid_request",
    "error_description": "This server only accepts HTTPS requests.",
    "error_uri": "https://documentation.openiddict.com/errors/ID2083"
}

Can you try to DisableTransportSecurityRequirement

Configure<OpenIddictServerAspNetCoreOptions>(options =>
{
    options.DisableTransportSecurityRequirement = true;
});

jmalla.cp created 8 months ago

Hi,

Is this configuration correct in produccion mode?

maliming created 8 months ago

Support Team Fullstack Developer

If you can use https://webapp-authserver in your environment you don't need it.

jmalla.cp created 8 months ago

Hi,

Now I get this error:

2024-07-15 06:58:25.544 +00:00 [ERR] [] [] Exception occurred while processing message. Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException: IDX10205: Issuer validation failed. Issuer: 'https://pc01:44334/'. Did not match: validationParameters.ValidIssuer: 'null' or validationParameters.ValidIssuers: 'http://webapp-authserver/'. at Microsoft.IdentityModel.Tokens.Validators.ValidateIssuer(String issuer, SecurityToken securityToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateIssuer(String issuer, JwtSecurityToken jwtToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload(JwtSecurityToken jwtToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.ValidateToken(String idToken, AuthenticationProperties properties, TokenValidationParameters validationParameters, JwtSecurityToken& jwt) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync() 2024-07-15 06:58:25.545 +00:00 [ERR] [] [] An unhandled exception has occurred while executing the request. System.Exception: An error was encountered while handling the remote login. ---> Microsoft.IdentityModel.Tokens.SecurityTokenInvalidIssuerException: IDX10205: Issuer validation failed. Issuer: 'https://pc01:44334/'. Did not match: validationParameters.ValidIssuer: 'null' or validationParameters.ValidIssuers: 'http://webapp-authserver/'. at Microsoft.IdentityModel.Tokens.Validators.ValidateIssuer(String issuer, SecurityToken securityToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateIssuer(String issuer, JwtSecurityToken jwtToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateTokenPayload(JwtSecurityToken jwtToken, TokenValidationParameters validationParameters) at System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler.ValidateToken(String token, TokenValidationParameters validationParameters, SecurityToken& validatedToken) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.ValidateToken(String idToken, AuthenticationProperties properties, TokenValidationParameters validationParameters, JwtSecurityToken& jwt) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleRemoteAuthenticateAsync() --- End of inner exception stack trace --- at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync() at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Volo.Abp.AspNetCore.Security.AbpSecurityHeadersMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<

maliming created 8 months ago

Support Team Fullstack Developer

Can you use HTTPS in your docker?

Using HTTP will require some extra work.

eg:

SameSite problem

The required antiforgery request token was not provided in either form field "__RequestVerificationToken" or header value "RequestVerificationToken".

jmalla.cp created 8 months ago

Hi,

Yes, I can use HTTPS. How do I configure it?

maliming created 8 months ago

Support Team Fullstack Developer

I'm not familiar with docker(docker-compose).

jmalla.cp created 8 months ago

Hi,

And this exception is related about the same issue?

2024-07-15 07:08:07.125 +00:00 [ERR] [] [] An unhandled exception has occurred while executing the request. System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'System.String'. ---> System.IO.IOException: IDX20804: Unable to retrieve document from: 'System.String'. ---> System.Net.Http.HttpRequestException: Cannot assign requested address (pc01:44334) ---> System.Net.Sockets.SocketException (99): Cannot assign requested address at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.ThrowException(SocketError error, CancellationToken cancellationToken) at System.Net.Sockets.Socket.AwaitableSocketAsyncEventArgs.System.Threading.Tasks.Sources.IValueTaskSource.GetResult(Int16 token) at System.Net.Sockets.Socket.<ConnectAsync>g__WaitForConnectWithCancellation|277_0(AwaitableSocketAsyncEventArgs saea, ValueTask connectTask, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken) --- End of inner exception stack trace --- at System.Net.Http.HttpConnectionPool.ConnectToTcpHostAsync(String host, Int32 port, HttpRequestMessage initialRequest, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.AddHttp11ConnectionAsync(HttpRequestMessage request) at System.Threading.Tasks.TaskCompletionSourceWithCancellation1.WaitWithCancellationAsync(CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.GetHttp11ConnectionAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpConnectionPool.SendWithVersionDetectionAndRetryAsync(HttpRequestMessage request, Boolean async, Boolean doRequestAuth, CancellationToken cancellationToken) at System.Net.Http.DiagnosticsHandler.SendAsyncCore(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.RedirectHandler.SendAsync(HttpRequestMessage request, Boolean async, CancellationToken cancellationToken) at System.Net.Http.HttpClient.<SendAsync>g__Core|83_0(HttpRequestMessage request, HttpCompletionOption completionOption, CancellationTokenSource cts, Boolean disposeCts, CancellationTokenSource pendingRequestsCts, CancellationToken originalCancellationToken) at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel) --- End of inner exception stack trace --- at Microsoft.IdentityModel.Protocols.HttpDocumentRetriever.GetDocumentAsync(String address, CancellationToken cancel) at Microsoft.IdentityModel.Protocols.OpenIdConnect.OpenIdConnectConfigurationRetriever.GetAsync(String address, IDocumentRetriever retriever, CancellationToken cancel) at Microsoft.IdentityModel.Protocols.ConfigurationManager1.GetConfigurationAsync(CancellationToken cancel) --- End of inner exception stack trace --- at Microsoft.IdentityModel.Protocols.ConfigurationManager1.GetConfigurationAsync(CancellationToken cancel) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsyncInternal(AuthenticationProperties properties) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsync(AuthenticationProperties properties) at Microsoft.AspNetCore.Authentication.AuthenticationHandler1.ChallengeAsync(AuthenticationProperties properties) at Microsoft.AspNetCore.Authentication.AuthenticationService.ChallengeAsync(HttpContext context, String scheme, AuthenticationProperties properties) at Microsoft.AspNetCore.Authorization.Policy.AuthorizationMiddlewareResultHandler.HandleAsync(RequestDelegate next, HttpContext context, AuthorizationPolicy policy, PolicyAuthorizationResult authorizeResult) at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context) at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Volo.Abp.AspNetCore.Security.AbpSecurityHeadersMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<<UseMiddlewareInterface>b__1>d.MoveNext() --- End of stack trace from previous location --- at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.<Invoke>g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpContext context, Task task)

maliming created 8 months ago

Support Team Fullstack Developer

Unable to obtain configuration from: 'System.String'.

Set ShowPII to true to see the details logs.

IdentityModelEventSource.ShowPII = true;

https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet/wiki/PII

jmalla.cp created 8 months ago

Could someone help me with the correct configuration of Docker Compose?

maliming created 8 months ago

Support Team Fullstack Developer

You can check the resource from:

https://learn.microsoft.com/en-us/aspnet/core/security/docker-compose-https?view=aspnetcore-8.0 https://www.google.com/search?q=asp+net+core+docker+compose+https

jmalla.cp created 8 months ago

Hi,

Could you give me information in more detail about the environment parameters of docker services in abp framework 6.0 versión.

maliming created 8 months ago

Support Team Fullstack Developer

What do you mean environment parameters ?

jmalla.cp created 8 months ago

version: '3.7'

services: webapp-web: image: cincaporc/webapp-web:latest container_name: webapp-web build: context: ../../ dockerfile: src/Cincaporc.WebApp.Web/Dockerfile.local environment: - ASPNETCORE_URLS=https://+:443;http://+:80; - Kestrel__Certificates__Default__Path=/root/certificate/localhost.pfx - Kestrel__Certificates__Default__Password=91f91912-5ab0-49df-8166-23377efaf3cc - App__SelfUrl=https://localhost:44353 - AuthServer__RequireHttpsMetadata=false - AuthServer__IsContainerizedOnLocalhost=true - AuthServer__MetaAddress=http://webapp-identity-server - AuthServer__Authority=https://localhost:44334 - RemoteServices__Default__BaseUrl=http://webapp-api - RemoteServices__AbpAccountPublic__BaseUrl=http://webapp-identity-server - App__MVCPublicUrl=https://localhost:44306 - ConnectionStrings__Default=Data Source=sql-server;Initial Catalog=WebApp;User Id=sa;Password=myPassw0rd;MultipleActiveResultSets=true;Persist Security Info=True; - Redis__Configuration=redis ports: - "44353:443" depends_on: - webapp-api restart: on-failure volumes: - ./certs:/root/certificate networks: - abp-network

webapp-api: image: cincaporc/webapp-api:latest container_name: webapp-api build: context: ../../ dockerfile: src/Cincaporc.WebApp.HttpApi.Host/Dockerfile.local environment: - ASPNETCORE_URLS=https://+:443;http://+:80; - Kestrel__Certificates__Default__Path=/root/certificate/localhost.pfx - Kestrel__Certificates__Default__Password=91f91912-5ab0-49df-8166-23377efaf3cc - App__SelfUrl=https://localhost:44354 - AuthServer__RequireHttpsMetadata=false - AuthServer__Authority=http://webapp-identity-server - App__MVCPublicUrl=https://localhost:44306 - ConnectionStrings__Default=Data Source=sql-server;Initial Catalog=WebApp;User Id=sa;Password=myPassw0rd;MultipleActiveResultSets=true;Persist Security Info=True; - Redis__Configuration=redis ports: - "44354:443" depends_on: sql-server: condition: service_healthy redis: condition: service_healthy restart: on-failure volumes: - ./certs:/root/certificate networks: - abp-network

webapp-authserver: image: cincaporc/webapp-authserver:latest container_name: webapp-authserver build: context: ../../ dockerfile: src/Cincaporc.WebApp.AuthServer/Dockerfile.local environment: - ASPNETCORE_URLS=https://+:443;http://+:80; - App__SelfUrl=https://localhost:44334 - App__CorsOrigins=https://localhost:44353,https://localhost:44354 - AuthServer__RequireHttpsMetadata=false - AuthServer__Authority=http://webapp-authserver - AuthServer__SetSelfAsIssuer=true - Kestrel__Certificates__Default__Path=/root/certificate/localhost.pfx - Kestrel__Certificates__Default__Password=91f91912-5ab0-49df-8166-23377efaf3cc - ConnectionStrings__Default=Data Source=sql-server;Initial Catalog=WebApp;User Id=sa;Password=myPassw0rd;MultipleActiveResultSets=true;Persist Security Info=True; - Redis__Configuration=redis ports: - "44334:443" depends_on: sql-server: condition: service_healthy redis: condition: service_healthy restart: on-failure volumes: - ./certs:/root/certificate networks: - abp-network

db-migrator: image: cincaporc/webapp-db-migrator:latest container_name: db-migrator build: context: ../../ dockerfile: src/WebApp.DbMigrator/Dockerfile.local environment: - IdentityServer__Clients__WebApp_Web__RootUrl=https://localhost:44353 - IdentityServer__Clients__WebApp_Swagger__RootUrl=https://localhost:44354 - ConnectionStrings__Default=Data Source=sql-server;Initial Catalog=WebApp;User Id=sa;Password=myPassw0rd;MultipleActiveResultSets=true;Persist Security Info=True; depends_on: sql-server: condition: service_healthy networks: - abp-network

sql-server: container_name: sql-server image: mcr.microsoft.com/mssql/server:2019-latest ports: - "1434:1433" environment: SA_PASSWORD: "myPassw0rd" ACCEPT_EULA: "Y" volumes: - sqldata:/var/opt/mssql networks: - abp-network healthcheck: test: /opt/mssql-tools/bin/sqlcmd -S sql-server -U sa -P "myPassw0rd" -Q "SELECT 1" -b -o /dev/null interval: 10s timeout: 3s retries: 10 start_period: 10s redis: container_name: redis image: redis:alpine ports: - "6379:6379" networks: - abp-network healthcheck: test: ["CMD", "redis-cli","ping"] volumes: sqldata: name: webapp_sqldata networks: abp-network: name: webapp-network driver: bridge

maliming created 8 months ago

Support Team Fullstack Developer

You can create a new template project and check the etc folder.

jmalla.cp created 8 months ago

Hi,

I Copied the docker-compose from a new project but I get this error accessing the web project.

2024-07-19 13:15:17.747 +00:00 [ERR] [] [] An unhandled exception has occurred while executing the request. System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'https://extranetapp.cinca.porc01:44334/.well-known/openid-configuration'. at Microsoft.IdentityModel.Protocols.ConfigurationManager1.GetConfigurationAsync(CancellationToken cancel) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsyncInternal(AuthenticationProperties properties) at Microsoft.AspNetCore.Authentication.OpenIdConnect.OpenIdConnectHandler.HandleChallengeAsync(AuthenticationProperties properties) at Microsoft.AspNetCore.Authentication.AuthenticationHandler1.ChallengeAsync(AuthenticationProperties properties) at Microsoft.AspNetCore.Authentication.AuthenticationService.ChallengeAsync(HttpContext context, String scheme, AuthenticationProperties properties) at Microsoft.AspNetCore.Authorization.Policy.AuthorizationMiddlewareResultHandler.HandleAsync(RequestDelegate next, HttpContext context, AuthorizationPolicy policy, PolicyAuthorizationResult authorizeResult) at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context) at Cincaporc.WebApp.Middleware.Logging.SessionLoggingMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) in C:\Users\jmalla.CINCA\source\repos\Cincaporc\Cincaporc.WebApp\src\Cincaporc.WebApp.Middleware\Logging\SessionLoggingMiddleware.cs:line 23 at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<<UseMiddlewareInterface>b__1>d.MoveNext() --- End of stack trace from previous location --- at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context) at Volo.Abp.AspNetCore.Security.AbpSecurityHeadersMiddleware.InvokeAsync(HttpContext context, RequestDelegate next) at Microsoft.AspNetCore.Builder.UseMiddlewareExtensions.<>c__DisplayClass6_1.<<UseMiddlewareInterface>b__1>d.MoveNext() --- End of stack trace from previous location --- at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.<Invoke>g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpContext context, Task task)

maliming created 8 months ago

Support Team Fullstack Developer

IDX20803: Unable to obtain configuration from: 'https://extranetapp.cinca.porc01:44334/.well-known/openid-configuration'.

The error is very clear. Can you check if https://extranetapp.cinca.porc01:44334/.well-known/openid-configuration is reachable in the container?

mahuwei created 8 months ago

I had the same problem. API can't access .well-known/openid-configuration but I can from my browser

maliming created 8 months ago

Support Team Fullstack Developer

hi mahuwei Please create a new question and share your problem details. Thanks.

jmalla.cp created 7 months ago

Sorry Maliming,

Can you tell me how I can change the configuration because webapp-authserver accept HTTP connections?

Thanks

maliming created 8 months ago

Support Team Fullstack Developer

Can you share a test project?

I will test it in my local docker.

liming.ma@volosoft.com

maliming created 8 months ago

Support Team Fullstack Developer

Do you have a DNS map on your local machine?

eg:

extranetapp.cinca.porc to 127.0.0.1

We have to get the DNS for the domain from inside and outside the container.

jmalla.cp created 8 months ago

Hi,

Yes, I have this DNS map in my local machine.

maliming created 8 months ago

Support Team Fullstack Developer

Please send an email to liming.ma@volosoft.com

I will share you the project.

jmalla.cp created 8 months ago

Hi,

Thanks, Maliming, that works, but I have a question. Can this configuration affect security when we deploy it in Azure Webservices in production mode?