greenpau / caddy-security

🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. 💎 Authorization with JWT/PASETO tokens. 🔐
https://authcrunch.com/
Apache License 2.0

breakfix: fails to start if OAuth well-known is unreachable #251

Closed ptman closed 7 months ago

ptman commented 11 months ago

Describe the issue

{"level":"error","ts":1690988301.849259,"logger":"security","msg":"failed provisioning app server instance","app":"security","error":"server initialization failed: failed configuring identity provider: failed to fetch metadata for OAuth 2.0 authorization server: Get \"https://DOMAIN/realms/master/.well-known/openid-configuration\": dial tcp IPADDR:443: connect: connection refused"}

Expected behavior

I'd expect caddy to start and continue trying in the background since this isn't a problem with the configuration but with another service being unreachable.

greenpau commented 11 months ago

@ptman, you might have an issue with connectivity. This is unrelated to the plugin.

ptman commented 11 months ago

It's not connectivity, but the other service being down. But yes, connectivity would cause the same issue.

My problem is that I don't have a single site on caddy. I have tens. But only some use caddy-security. Still this causes all of them to be unavailable because caddy cannot be restarted.

So caddy should be able to start even if well-known cannot be fetched. And it should be retried periodically.
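The behaviour asked for above (start the server even when the `.well-known/openid-configuration` document cannot be fetched, and keep retrying in the background) can be sketched as an added example. This is illustrative code written for this page, not code from caddy-security or Caddy; the `LazyDiscovery` type, `Backoff` helper, `newFlakyProvider` stand-in and the issuer/endpoint values are all constructed for the demonstration. The idea: defer the metadata fetch from provisioning to first use, answer `ErrNotReady` (which a handler can map to 503 for the protected routes only) while the provider is down, and let a background goroutine retry with capped exponential backoff.

```go
package main

import (
	"context"
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"sync"
	"time"
)

// Metadata is the subset of the OpenID Connect discovery document a relying
// party needs before it can redirect a user or verify tokens.
type Metadata struct {
	Issuer                string `json:"issuer"`
	AuthorizationEndpoint string `json:"authorization_endpoint"`
	TokenEndpoint         string `json:"token_endpoint"`
	JWKSURI               string `json:"jwks_uri"`
}

// ErrNotReady is returned while the provider is unreachable, so a handler can
// fail only the routes that depend on it instead of the whole server.
var ErrNotReady = errors.New("identity provider metadata not yet available")

// LazyDiscovery (hypothetical) defers the well-known fetch to first use and
// retries in the background instead of aborting provisioning.
type LazyDiscovery struct {
	URL       string
	Client    *http.Client
	BaseDelay time.Duration // delay before the first retry
	MaxDelay  time.Duration // cap on the retry delay

	mu       sync.Mutex
	meta     *Metadata
	failures int
}

// Backoff returns the delay before retry n (0-based): base doubled n times, capped at max.
func Backoff(n int, base, max time.Duration) time.Duration {
	d := base
	for i := 0; i < n; i++ {
		d *= 2
		if d >= max {
			return max
		}
	}
	return d
}

func (d *LazyDiscovery) fetch(ctx context.Context) (*Metadata, error) {
	req, err := http.NewRequestWithContext(ctx, http.MethodGet, d.URL, nil)
	if err != nil {
		return nil, err
	}
	resp, err := d.Client.Do(req)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	if resp.StatusCode != http.StatusOK {
		return nil, fmt.Errorf("discovery returned HTTP %d", resp.StatusCode)
	}
	// Bound the body so a misbehaving endpoint cannot exhaust memory.
	body, err := io.ReadAll(io.LimitReader(resp.Body, 1<<20))
	if err != nil {
		return nil, err
	}
	var m Metadata
	if err := json.Unmarshal(body, &m); err != nil {
		return nil, err
	}
	if m.Issuer == "" || m.AuthorizationEndpoint == "" || m.TokenEndpoint == "" {
		return nil, errors.New("discovery document is missing required fields")
	}
	return &m, nil
}

// Get returns cached metadata or makes exactly one fetch attempt; it never
// sleeps, so the request path stays fast while the provider is down.
func (d *LazyDiscovery) Get(ctx context.Context) (*Metadata, error) {
	d.mu.Lock()
	defer d.mu.Unlock()
	if d.meta != nil {
		return d.meta, nil
	}
	m, err := d.fetch(ctx)
	if err != nil {
		d.failures++
		return nil, fmt.Errorf("%w: %v", ErrNotReady, err)
	}
	d.meta = m
	return m, nil
}

// Failures reports how many fetch attempts have failed (for logs and metrics).
func (d *LazyDiscovery) Failures() int {
	d.mu.Lock()
	defer d.mu.Unlock()
	return d.failures
}

// Warmup retries Get with backoff until it succeeds or ctx is cancelled; start
// it with `go d.Warmup(ctx)` from the provisioning step so startup does not block.
func (d *LazyDiscovery) Warmup(ctx context.Context) error {
	for n := 0; ; n++ {
		if _, err := d.Get(ctx); err == nil {
			return nil
		}
		select {
		case <-ctx.Done():
			return ctx.Err()
		case <-time.After(Backoff(n, d.BaseDelay, d.MaxDelay)):
		}
	}
}

// newFlakyProvider is a constructed stand-in for an authorization server that
// refuses the first downFor requests and then serves a discovery document.
func newFlakyProvider(downFor int) *httptest.Server {
	var mu sync.Mutex
	calls := 0
	return httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		mu.Lock()
		calls++
		n := calls
		mu.Unlock()
		if n <= downFor {
			http.Error(w, "service unavailable", http.StatusServiceUnavailable)
			return
		}
		json.NewEncoder(w).Encode(Metadata{ // constructed sample values
			Issuer:                "https://idp.example/realms/master",
			AuthorizationEndpoint: "https://idp.example/realms/master/protocol/openid-connect/auth",
			TokenEndpoint:         "https://idp.example/realms/master/protocol/openid-connect/token",
			JWKSURI:               "https://idp.example/realms/master/protocol/openid-connect/certs",
		})
	}))
}

func main() {
	idp := newFlakyProvider(2)
	defer idp.Close()
	d := &LazyDiscovery{URL: idp.URL + "/realms/master/.well-known/openid-configuration",
		Client: idp.Client(), BaseDelay: 10 * time.Millisecond, MaxDelay: 100 * time.Millisecond}
	ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
	defer cancel()
	if err := d.Warmup(ctx); err != nil {
		fmt.Println("warmup failed:", err)
		return
	}
	m, _ := d.Get(ctx)
	fmt.Printf("ready after %d failed attempts; token endpoint: %s\n", d.Failures(), m.TokenEndpoint)
}
```

The important design point is the split between `Get` (one non-blocking attempt, cached on success) and `Warmup` (the only place that sleeps): sites that do not use the identity provider are never affected, and the ones that do return a clear "not ready" error until the provider comes back, which also covers the case where the provider sits behind the same reverse proxy and cannot be reached until that proxy is up.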

pinpox commented 9 months ago

Related #282, which is a special case of this: when the OIDC provider is behind caddy itself, it can't start because the openid-configuration is not reachable

ptman commented 7 months ago

https://authp.github.io/docs/authenticate/oauth/backend-oauth2-endpoint documents a workaround.