Self-hosted Grist Doesn't Work with Kubernetes Deployment (Custom Images)

[ravi-cloudastra]

Describe the current behavior

Self-hosted Grist fails to work properly when deployed on Kubernetes with a custom-built image from the tag/v1.3.3 branch. However, it works fine when using the official Grist public images.

Actual Behavior

• Requests to some API endpoints (e.g., /api/session/access/active) are being made over HTTP instead of HTTPS, leading to Mixed Content errors and blocked requests.

Additional Context

• The official Grist public image works fine on HTTPS, but the custom-built image from tag/v1.3.3 fails due to mixed content errors.
• This issue occurs without making any modifications to the Grist source code.

Possible Causes

• The custom-built image might not be properly enforcing HTTPS.
• WebSocket (ws://) and API calls might be defaulting to http:// instead of https://.
• The Grist Dockerfile or environment variables might need updates for proper HTTPS enforcement in self-hosted environments.

I have tried with APP_HOME_URL and APP_DOC_URL also then its healthcheck is failing.

Steps to reproduce

1.Deploy Grist on Kubernetes using the official Grist public image → Works fine over HTTPS.
2.Build a custom Docker image from Grist GitHub repo (branch main, tag v1.3.3) using the Dockerfile.
3.Deploy this custom-built image on Kubernetes.
4.Access Grist via HTTPS → Observe Mixed Content errors in browser console.

Describe the expected behavior

Grist should work over HTTPS without mixed content errors when using a custom-built image, just like it does with the public image.

Where have you encountered this bug?

• On docs.getgrist.com
• On a self-hosted instance

Instance information (when self-hosting only)

Error Message (Browser Console)

Mixed Content: The page at 'https://your-grist-url/' was loaded over HTTPS, but requested an insecure resource 'http://your-grist-url:8484/api/session/access/active'.
This request has been blocked; the content must be served over HTTPS.