ZITADEL v4.1.4 — Init successful, but no console/login UI visible (Caddy reverse proxy)
I’m trying to get ZITADEL v4.1.4 running self-hosted with Docker Compose and Caddy as reverse proxy (--tlsMode external, TLS termination). Database: PostgreSQL 17.
Containers start, logs look fine, DB initializes, and health checks return 200 — but I still can’t reach the UI.
Both /ui/console and /ui/v2/login return a JSON 404 (“Not Found”), even when testing locally on port 8080.
I’ve tried:
• Correct ExternalDomain, ExternalSecure=true, tlsMode=external
• Explicit ZITADEL_EXTERNALPORT=443
• Removing manual Login V2 envs
• Proxying via h2c:8080 and also split-routing /ui/v2/login → :3000
• Fresh init with clean DB
→ Same 404 result every time.
Questions:
In v4.1.x, is the separate zitadel-login container still needed, or should Login v2 be integrated in the main image?
What’s the minimal working config (env + Caddy) for /ui/console and Login V2 behind external TLS?
Which envs are required for this mode (e.g. ZITADEL_EXTERNALPORT=443)?
Should everything route via port 8080/h2c, or is 3000 still expected?
Is there an updated Compose + Caddy example for v4.1.x?
Haven’t been able to get the UI working yet — backend and health are fine, but the console/login endpoints never render. Any help or pointers would be greatly appreciated
— Flo
Containers start, logs look fine, DB initializes, and health checks return 200 — but I still can’t reach the UI.
Both /ui/console and /ui/v2/login return a JSON 404 (“Not Found”), even when testing locally on port 8080.
I’ve tried:
• Correct ExternalDomain, ExternalSecure=true, tlsMode=external
• Explicit ZITADEL_EXTERNALPORT=443
• Removing manual Login V2 envs
• Proxying via h2c:8080 and also split-routing /ui/v2/login → :3000
• Fresh init with clean DB
→ Same 404 result every time.
Questions:
In v4.1.x, is the separate zitadel-login container still needed, or should Login v2 be integrated in the main image? What’s the minimal working config (env + Caddy) for /ui/console and Login V2 behind external TLS? Which envs are required for this mode (e.g. ZITADEL_EXTERNALPORT=443)? Should everything route via port 8080/h2c, or is 3000 still expected? Is there an updated Compose + Caddy example for v4.1.x?Haven’t been able to get the UI working yet — backend and health are fine, but the console/login endpoints never render. Any help or pointers would be greatly appreciated
— Flo
