diff --git a/authentik/providers/proxy/controllers/k8s/ingress.py b/authentik/providers/proxy/controllers/k8s/ingress.py index f29c60023..bf0c588ab 100644 --- a/authentik/providers/proxy/controllers/k8s/ingress.py +++ b/authentik/providers/proxy/controllers/k8s/ingress.py @@ -84,7 +84,6 @@ class IngressReconciler(KubernetesObjectReconciler[NetworkingV1beta1Ingress]): "traefik.ingress.kubernetes.io/affinity": "true", "nginx.ingress.kubernetes.io/proxy-buffers-number": "4", "nginx.ingress.kubernetes.io/proxy-buffer-size": "16k", - "nginx.ingress.kubernetes.io/backend-protocol": "HTTPS", } annotations.update( self.controller.outpost.config.kubernetes_ingress_annotations @@ -114,7 +113,7 @@ class IngressReconciler(KubernetesObjectReconciler[NetworkingV1beta1Ingress]): NetworkingV1beta1HTTPIngressPath( backend=NetworkingV1beta1IngressBackend( service_name=self.name, - service_port="https", + service_port="http", ), path="/akprox", ) @@ -129,7 +128,7 @@ class IngressReconciler(KubernetesObjectReconciler[NetworkingV1beta1Ingress]): NetworkingV1beta1HTTPIngressPath( backend=NetworkingV1beta1IngressBackend( service_name=self.name, - service_port="https", + service_port="http", ), path="/", ) diff --git a/internal/web/web_proxy.go b/internal/web/web_proxy.go index b4cb13d20..2eb7f7ab9 100644 --- a/internal/web/web_proxy.go +++ b/internal/web/web_proxy.go @@ -18,8 +18,6 @@ func (ws *WebServer) configureProxy() { } if req.TLS != nil { req.Header.Set("X-Forwarded-Proto", "https") - } else { - req.Header.Set("X-Forwarded-Proto", "http") } } rp := &httputil.ReverseProxy{Director: director} diff --git a/web/src/locales/en.po b/web/src/locales/en.po index e28870d4f..cbce2ace4 100644 --- a/web/src/locales/en.po +++ b/web/src/locales/en.po @@ -3476,8 +3476,8 @@ msgid "The URL \"{0}\" was not found." msgstr "The URL \"{0}\" was not found." #: src/pages/providers/proxy/ProxyProviderForm.ts -msgid "The external URL you'll access the application at" -msgstr "The external URL you'll access the application at" +msgid "The external URL you'll access the application at. Include any non-standard port." +msgstr "The external URL you'll access the application at. Include any non-standard port." #: src/pages/policies/dummy/DummyPolicyForm.ts msgid "The policy takes a random time to execute. This controls the minimum time it will take." diff --git a/web/src/locales/pseudo-LOCALE.po b/web/src/locales/pseudo-LOCALE.po index 79893082b..a810fcda3 100644 --- a/web/src/locales/pseudo-LOCALE.po +++ b/web/src/locales/pseudo-LOCALE.po @@ -3468,7 +3468,7 @@ msgid "The URL \"{0}\" was not found." msgstr "" #: -msgid "The external URL you'll access the application at" +msgid "The external URL you'll access the application at. Include any non-standard port." msgstr "" #: diff --git a/web/src/pages/providers/proxy/ProxyProviderForm.ts b/web/src/pages/providers/proxy/ProxyProviderForm.ts index ae691c71e..79a4a244e 100644 --- a/web/src/pages/providers/proxy/ProxyProviderForm.ts +++ b/web/src/pages/providers/proxy/ProxyProviderForm.ts @@ -125,7 +125,7 @@ export class ProxyProviderFormPage extends ModelForm { ?required=${true} name="externalHost"> -

${t`The external URL you'll access the application at`}

+

${t`The external URL you'll access the application at. Include any non-standard port.`}