search

kerberos-io / web

(DEPRECATED) An open source GUI to configure the machinery and to view events that were detected by the machinery.
https://www.kerberos.io
226 stars 69 forks source link

Mixing content: make protocol less. #138

Open cedricve opened 5 years ago

cedricve commented 5 years ago

Just attemptig to setup kerberos docker using traefik ( a proxy) and Kerberos falls down becasue of "mixed content" basically all the css and js is in the view with http://{mydomain}... it would make more sense for these all to be protocol less otherwise kerberos will never work properly behind a proxy (which is a standard use case for docker)

CoReYeDe commented 5 years ago

+1 for this Issue.. I try to use 3 Kerberos-Instances as Docker-Container behind a HA-Proxy with HTTPS as forced Default..

fabiopbx commented 5 years ago

FYI, mixed content can be fixed by adding \URL::forceScheme('https'); as per #122

Tried and works fine, though it would be nice if there was some auto detection or so of protocol in use :) so we don't need to edit the file every time one updates the docker image....

Sebastiaan76 commented 5 years ago

+1 on this for me too. Trying to use behind reverse proxy ( nginx ). The above fix works, but there is quite a bit of mucking around edit that file within the container.

cedricve commented 5 years ago

We implemented this ENV var, could you test it out https://github.com/kerberos-io/docker/blob/master/docker-compose.yml#L16

Sebastiaan76 commented 5 years ago

Hi Cedric, I just tested this and TL;DR is it works. Is this documented somewhere?

I tested as follows:

  1. I removed the prior fix in www/web/routes/web.php ( per Github I had had added the \URL::forceScheme('https'); entry to that file - which had fixed the issue, but obviously not ideal and likely to break next time i pull the image ).
  2. re-started Kerberos container and confirm that without that fix it was broken again ( browser complaining of mixed secure/insecure content ).
  3. Stopped container in 'Portainer' which i use to manage my containers. I then 'Edit/Duplicate'd the container and added the ENV and set to 'true'
  4. re-deployed container

all working.

I have port 80 in container mapped to 32900 on my host machine ( which is 192.168.1.149 )

Below is my Nginx entry for that:

server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name kerberos.seb-cloud.com;

    location / {
            proxy_pass      "http://192.168.1.149:32900/";
            proxy_http_version 1.1;
            proxy_set_header    Host                    $host;
            proxy_set_header    X-Real-IP               $remote_addr;
            proxy_set_header    Upgrade     $http_upgrade;
            proxy_set_header    Connection  "upgrade";
            proxy_pass_header   Set-Cookie;
            }

..... ( more stuff below here like certs location etc ) .....

All working now.

Thanks!

Seb

On Wed, Jan 9, 2019 at 7:24 PM Cédric Verstraeten notifications@github.com wrote:

We implemented this ENV var, could you test it out https://github.com/kerberos-io/docker/blob/master/docker-compose.yml#L16

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/kerberos-io/web/issues/138#issuecomment-452610968, or mute the thread https://github.com/notifications/unsubscribe-auth/AbRYdwG4lJpcRBoTl3nfyrZmQTpRG5Bgks5vBac2gaJpZM4Xz4pQ .

-- Sebastiaan Stoffels Ph 0419 216 676

cedricve commented 5 years ago

Awesome @Sebastiaan76 would you be interested to contribute this to our documentation branch?

I think for now it could be added here: https://doc.kerberos.io/2.0/installation/Docker. The related file can be found here: https://github.com/kerberos-io/documentation/blob/develop/70_installation/4_Docker.md.

fabiopbx commented 5 years ago

@cedricve PR submitted :)

https://github.com/kerberos-io/documentation/pull/15