search

passbolt / charts-passbolt

Helm charts to run Passbolt on Kubernetes. No strings attached charts to run the open source password manager for teams!
https://passbolt.com
GNU Affero General Public License v3.0
40 stars 27 forks source link

ERR_TOO_MANY_REDIRECTS on service port mapping http 80 #82

Closed nurzhanbm closed 2 months ago

nurzhanbm commented 2 months ago

Hi!

passboltRedirects I'm trying to set up ingress. The certificate will only be for ingress. I use the Service passbolt, service port mapping http 80. All target port for traffic redirects to https 443. Browser response with error: ERR_TOO_MANY_REDIRECTS (attached passboltRedirects.jpg)

How to disable redirects http to https? Could you disable it by default?

$ helm install passbolt passbolt/passbolt
$ kubectl get pods
NAME                                      READY   STATUS      RESTARTS        AGE
passbolt-cron-proc-email-28572745-48p6v   0/2     Completed   0               20s
passbolt-depl-srv-65564d87dc-78tn2        2/2     Running     5 (7h32m ago)   7h35m
passbolt-depl-srv-65564d87dc-v98kp        2/2     Running     5 (7h32m ago)   7h35m
passbolt-job-create-gpg-keys-4fw87        0/1     Completed   0               7h36m
passbolt-job-create-jwt-keys-cx9wx        0/1     Completed   0               7h35m
passbolt-mariadb-primary-0                1/1     Running     0               7h35m
passbolt-mariadb-secondary-0              1/1     Running     0               7h35m
passbolt-redis-node-0                     2/2     Running     0               7h35m
passbolt-redis-node-1                     2/2     Running     0               7h32m
passbolt-redis-node-2                     2/2     Running     0               7h31m
$ kubectl port-forward passbolt-depl-srv-65564d87dc-78tn2 :80
Forwarding from 127.0.0.1:34205 -> 80
Forwarding from [::1]:34205 -> 80
$ wget http://127.0.0.1:34205
--2024-04-29 09:44:16--  http://127.0.0.1:34205/
Connecting to 127.0.0.1:34205... connected.
HTTP request sent, awaiting response... 302 Found
Location: https://127.0.0.1:34205/ [following]
--2024-04-29 09:44:16--  https://127.0.0.1:34205/
Connecting to 127.0.0.1:34205... connected.
GnuTLS: An unexpected TLS packet was received.
Unable to establish SSL connection.
nurzhanbm commented 2 months ago

I solved problem by editing existing setting: passboltEnv.plain.PASSBOLT_SSL_FORCE: true to false

schndr commented 2 months ago

Hey @nurzhanbm,

Could you please share your detailed configuration? I'm having trouble terminating SSL only on the loadbalancer :(