Syncthing in Docker doesn't redirect to HTTPS when "Use HTTPS for GUI" is checked

[huyi51462]

Syncthing version : Docker 1.26.* 1.27.*
os : docker
browser version : Chrome 120.0.6099.225
what happened : when enable "Use HTTPS for GUI", syncthing gui can not redirect to https
expected : when enable "Use HTTPS for GUI" , syncthing gui can redirect http to https

here is compose file

version: "3"
syncthing:
    image: syncthing/syncthing:1.25
    container_name: syncthing
    restart: unless-stopped
    network_mode: host
    environment:
      - PUID=1000
      - PGID=1000
    volumes:
      - /syncthing/syncthing:/var/syncthing

[bt90]

syncthing gui can not redirect to https

Browser screenshots?

[calmh]

Yeah, this is a legit issue. The reason is that the Docker image sets STGUIADDRESS=0.0.0.0:8384 which implies not-TLS and overrides the GUI settings.

[huyi51462]

Yeah, this is a legit issue. The reason is that the Docker image sets STGUIADDRESS=0.0.0.0:8384 which implies not-TLS and overrides the GUI settings.

got it thanks

[huyi51462]

Yeah, this is a legit issue. The reason is that the Docker image sets STGUIADDRESS=0.0.0.0:8384 which implies not-TLS and overrides the GUI settings.

How can this issue be resolved through configuration?
I have read the syncthing/README-Docker.md, and in the last section 'GUI Security,' it mentions, 'With the environment variable unset, Syncthing will follow what is set in the configuration file / GUI settings dialog.' However, even with version 1.25, this parameter is set, and the redirection is working correctly.

[huyi51462]

syncthing gui can not redirect to https

Browser screenshots?

[calmh]

Workaround is something like docker run -e STGUIADDRESS=https://0.0.0.0:8384 ... to enable HTTPS from that side.

This behavior has been unchanged for quite a while, certainly 1.25.0 should behave the same as current.

[bt90]

127.0.0.1 would onlybe accessible from within the container itself.

Networkmode host is the better approach anyway. The isolation cripples our network discovery.

[huyi51462]

Workaround is something like docker run -e STGUIADDRESS=https://0.0.0.0:8384 ... to enable HTTPS from that side.

This behavior has been unchanged for quite a while, certainly 1.25.0 should behave the same as current.

yeah it works

[calmh]

I still think this is an issue that should be handled somehow, if only by a documentation update on how to user the Docker image.

[huyi51462]

I still think this is an issue that should be handled somehow, if only by a documentation update on how to user the Docker image.

Yeah, I totally agree with you. I mean, it's supposed to be an out of the box feature, but it can be pretty confusing.
The issue is only brought up at the end of the README-Docker, and there's no clear solution or explanation of how the options are related. It can be easily misunderstood as if STGUIADDRESS only affects the address and not the protocol.