lunny/helm-chart
1
0
Fork 1
Code Issues 36 Pull Requests 14 Actions Packages Projects Releases 93 Wiki Activity

Wrong protocol in root URL using ingress with TLS #307

New Issue
Closed
opened 2022-03-12 13:53:46 +00:00 by Mik- · 1 comment
Mik- commented 2022-03-12 13:53:46 +00:00 (Migrated from gitea.com)
Copy Link

Hi,
today I tried to activate my Yubikey with Webauthn but it fails with a 500 server error stating there are differences in the root URL (got https://my.domain, want http://my.domain) (I didn't remember the exact message).

After adding

gitea:
  config:
    server:
      ROOT_URL: "https://my.domain"

everything works as expected.

As I'm using an ingress with cert-manager like so in my values

ingress:
  enabled: true
  annotations:
    kubernetes.io/ingress.class: traefik
    cert-manager.io/cluster-issuer: letsencrypt-prod
  hosts:
    - host: my.domain
      paths:
      - path: /
        pathType: Prefix

  tls:
    - secretName: my-domain-tls
      hosts:
        - my.domain

I expected, the ROOT_URL should be set accordingly.

Am I wrong or could this be a feature?

The used chart version is 5.0.2

Hi, today I tried to activate my Yubikey with Webauthn but it fails with a 500 server error stating there are differences in the root URL (got https://my.domain, want http://my.domain) (I didn't remember the exact message). After adding ``` gitea: config: server: ROOT_URL: "https://my.domain" ``` everything works as expected. As I'm using an ingress with cert-manager like so in my values ``` ingress: enabled: true annotations: kubernetes.io/ingress.class: traefik cert-manager.io/cluster-issuer: letsencrypt-prod hosts: - host: my.domain paths: - path: / pathType: Prefix tls: - secretName: my-domain-tls hosts: - my.domain ``` I expected, the ROOT_URL should be set accordingly. Am I wrong or could this be a feature? The used chart version is 5.0.2
justusbunsi commented 2022-03-20 16:46:15 +00:00 (Migrated from gitea.com)
Copy Link

Right now the ROOT_URL is built base on the protocol (defaults to http) and ingress tls settings. Setting the protocol to https would imply that Gitea runs on https itself which requires certificates inside the container.
Setting the ROOT_URL to the external endpoint would be much easier. So yes, could be a feature I guess. ?

Right now the ROOT_URL is built base on the protocol (defaults to http) and ingress tls settings. Setting the protocol to https would imply that Gitea runs on https itself which requires certificates inside the container. Setting the ROOT_URL to the external endpoint would be much easier. So yes, could be a feature I guess. ?
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
has/backport
in progress
invalid
kind/breaking
kind/bug
kind/build
kind/dependency
kind/deployment
kind/docs
kind/enhancement
kind/feature
kind/lint
kind/proposal
kind/question
kind/refactor
kind/security
kind/testing
kind/translation
kind/ui
need/backport
priority/critical
priority/low
priority/maybe
priority/medium
reviewed/duplicate
reviewed/invalid
reviewed/wontfix
skip-changelog
status/blocked
status/needs-feedback
status/needs-reviews
status/wip
upstream/gitea
upstream/other
No Label
kind/bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
lunny
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: lunny/helm-chart#307
No description provided.
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?