Thank you very much for the time and effort you spent to help me.
The thing is, I had it working using only HTTP, just as you do now with docker telling the container is healthy. I then created my certificates and changed the URIs to fit HTTPS, which resulted in the unhealthy status.
I did try to change the Bind Address to 0.0.0.0:9000 and even the IP as well as the FQDN, but nothing worked.
My docker-compose.yml file looks like this now:
# Graylog: https://hub.docker.com/r/graylog/graylog/
# CHANGE ME (must be at least 16 characters)!
# Password: admin
entrypoint: /usr/bin/tini -- wait-for-it elasticsearch:9200 -- /docker-entrypoint.sh
# Graylog web interface and REST API
# Syslog TCP
# Syslog UDP
# GELF TCP
# GELF UDP
# Volumes for persisting data, see https://docs.docker.com/engine/admin/volumes/volumes/
You’re right, I could just use a custom configuration file where I will set the http_publish_uri manually, that just isn’t the smooth way of fixing the issue but rather a workaround in my opinion. But I might as well just do it.
By my understanding just the line
should set the http_publish_uri in the ~/data/config/graylog.conf, but it does not, resulting in a fail of the /health_check.sh.
----- EDIT ----
I now put all the variables I need to set in a separate graylog.conf file, which replaces the default file. The Container still is listed as unhealthy, but docker logs shows me some warnings that might help, but I have to look into that.
2022-03-16 08:55:02,744 WARN : org.graylog2.shared.rest.resources.ProxiedResource - Unable to call https://host.domain.ch:9000/api/system/metrics/multiple on node <39a013b4-eb50-4a0a-891b-7e089aff8858>: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target