Keycloak with Cloudflare Tunnel not working

I have tried 2 ways of setting up a reverse proxy: first with nginx, which didn’t work, and second with Cloudflare Tunnel, which doesn’t work either.

I installed Keycloak on Docker with:

docker run -d -p 8080:8080 -e KEYCLOAK_ADMIN=USERNAME-HERE -e KEYCLOAK_ADMIN_PASSWORD=PASSWORD-HERE quay.io/keycloak/keycloak:20.0.3 start-dev

I can access it at IP-ADDRESS:8080 and I get the welcome screen, with documentation and the administration console. When I try to access the admin console, it requires me to use HTTPS, so I need to set up a reverse proxy with SSL.

I first tried it with nginx, and the configuration looks like this:

server {
    listen 80;
    listen [::]:80 default_server;
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name FQDN-HERE;

    ssl_certificate /etc/letsencrypt/live/FQDN-HERE/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/FQDN-HERE/privkey.pem;

    include snippets/ssl-params.conf;

    location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-NginX-Proxy true;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_pass http://localhost:8080/;
        proxy_ssl_session_reuse off;
        proxy_set_header Host $http_host;
        proxy_pass_header Server;
        proxy_cache_bypass $http_upgrade;
        proxy_redirect off;
    }
}

And it didn’t work, so I decided to try out Cloudflare Tunnel.

I also set up Cloudflare Tunnel in Docker with:

docker run -d cloudflare/cloudflared:latest tunnel --no-autoupdate run --token TOKEN-HERE

In the Zero Trust dashboard of Cloudflare I’ve tried localhost:8080, 127.0.0.1:8080 and IP-ADDRESS:8080 with the http:// protocol, but none of them work. I’ve also tried the TCP protocol, but I don’t think that would be correct.

And when I access the domain, I still can’t access the website. A 502 (Bad Gateway) error occurs.

Am I missing something here? Is there something blocking the reverse proxy on the server, causing the reverse proxy to not pass the site through? If you know what is going on and you have a solution, please let me know. I’d appreciate it a lot.

Server Specifications:

  • Hosted on DigitalOcean
  • Docker v 20.10.21
  • Ubuntu v 22.04
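
An added example, not part of the original post and not the poster's configuration: a Docker Compose file that runs the same two images on one user-defined network. With the `docker run` commands above, `localhost` and `127.0.0.1` inside the cloudflared container refer to that container itself, not to the host or to Keycloak. The service names, the network name `tunnel`, and the dashboard service URL `http://keycloak:8080` are assumptions; the `*-HERE` placeholders are the post's own.

```yaml
# Added example (assumption-based), not the poster's own file.
services:
  keycloak:
    image: quay.io/keycloak/keycloak:20.0.3
    command: start-dev
    environment:
      KEYCLOAK_ADMIN: USERNAME-HERE
      KEYCLOAK_ADMIN_PASSWORD: PASSWORD-HERE
      # TLS ends at the proxy: accept plain HTTP from it and take the
      # external scheme and host from the forwarded headers.
      KC_PROXY: edge
      # Public name that clients use (hostname only, no scheme or path).
      KC_HOSTNAME: FQDN-HERE
    networks:
      - tunnel
    # No "ports:" entry: port 8080 is not published on the host, so the
    # only path to Keycloak is through the tunnel container.

  cloudflared:
    image: cloudflare/cloudflared:latest
    command: tunnel --no-autoupdate run --token TOKEN-HERE
    networks:
      - tunnel
    depends_on:
      - keycloak

networks:
  # User-defined network: containers resolve each other by service name,
  # so the public hostname's service in the Zero Trust dashboard would be
  # type HTTP with URL keycloak:8080 (assumed name from this file).
  tunnel: {}
```

For the nginx variant, the matching change would be forwarding the original scheme with `proxy_set_header X-Forwarded-Proto $scheme;`, a header the configuration in the post does not set.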