providers/proxy: connect ingress to https instead of http
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #882
This commit is contained in:
parent
965db6eaf5
commit
8d7bb7da17
|
@ -84,6 +84,7 @@ class IngressReconciler(KubernetesObjectReconciler[NetworkingV1beta1Ingress]):
|
|||
"traefik.ingress.kubernetes.io/affinity": "true",
|
||||
"nginx.ingress.kubernetes.io/proxy-buffers-number": "4",
|
||||
"nginx.ingress.kubernetes.io/proxy-buffer-size": "16k",
|
||||
"nginx.ingress.kubernetes.io/backend-protocol": "HTTPS"
|
||||
}
|
||||
annotations.update(
|
||||
self.controller.outpost.config.kubernetes_ingress_annotations
|
||||
|
@ -113,7 +114,7 @@ class IngressReconciler(KubernetesObjectReconciler[NetworkingV1beta1Ingress]):
|
|||
NetworkingV1beta1HTTPIngressPath(
|
||||
backend=NetworkingV1beta1IngressBackend(
|
||||
service_name=self.name,
|
||||
service_port="http",
|
||||
service_port="https",
|
||||
),
|
||||
path="/akprox",
|
||||
)
|
||||
|
|
|
@ -15,6 +15,14 @@ Additionally, you can set `additionalHeaders` on groups or users to set addition
|
|||
|
||||
If you enable *Set HTTP-Basic Authentication* option, the HTTP Authorization header is being set.
|
||||
|
||||
# HTTPS
|
||||
|
||||
The outpost listens on both 4180 for HTTP and 4443 for HTTPS.
|
||||
|
||||
:::warning
|
||||
If your upstream host is HTTPS, and you're not using forward auth, you need to access the outpost over HTTPS too.
|
||||
:::
|
||||
|
||||
# Forward auth
|
||||
|
||||
To use forward auth instead of proxying, you have to change a couple of settings. In the Proxy Provider, make sure to enable `Enable forward-auth mode` on the provider.
|
||||
|
|
Reference in a new issue