Open cedricve opened 6 years ago
+1 for this Issue.. I try to use 3 Kerberos-Instances as Docker-Container behind a HA-Proxy with HTTPS as forced Default..
FYI, mixed content can be fixed by adding \URL::forceScheme('https');
as per #122
Tried and works fine, though it would be nice if there was some auto detection or so of protocol in use :) so we don't need to edit the file every time one updates the docker image....
+1 on this for me too. Trying to use behind reverse proxy ( nginx ). The above fix works, but there is quite a bit of mucking around edit that file within the container.
We implemented this ENV var, could you test it out https://github.com/kerberos-io/docker/blob/master/docker-compose.yml#L16
Hi Cedric, I just tested this and TL;DR is it works. Is this documented somewhere?
I tested as follows:
all working.
I have port 80 in container mapped to 32900 on my host machine ( which is 192.168.1.149 )
Below is my Nginx entry for that:
server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name kerberos.seb-cloud.com;
location / {
proxy_pass "http://192.168.1.149:32900/";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass_header Set-Cookie;
}
..... ( more stuff below here like certs location etc ) .....
All working now.
Thanks!
Seb
On Wed, Jan 9, 2019 at 7:24 PM Cédric Verstraeten notifications@github.com wrote:
We implemented this ENV var, could you test it out https://github.com/kerberos-io/docker/blob/master/docker-compose.yml#L16
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/kerberos-io/web/issues/138#issuecomment-452610968, or mute the thread https://github.com/notifications/unsubscribe-auth/AbRYdwG4lJpcRBoTl3nfyrZmQTpRG5Bgks5vBac2gaJpZM4Xz4pQ .
-- Sebastiaan Stoffels Ph 0419 216 676
Awesome @Sebastiaan76 would you be interested to contribute this to our documentation branch?
I think for now it could be added here: https://doc.kerberos.io/2.0/installation/Docker. The related file can be found here: https://github.com/kerberos-io/documentation/blob/develop/70_installation/4_Docker.md.
@cedricve PR submitted :)
Just attemptig to setup kerberos docker using traefik ( a proxy) and Kerberos falls down becasue of "mixed content" basically all the css and js is in the view with http://{mydomain}... it would make more sense for these all to be protocol less otherwise kerberos will never work properly behind a proxy (which is a standard use case for docker)