31 lines
1.1 KiB
YAML
31 lines
1.1 KiB
YAML
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: mailu-nginx-config
|
|
namespace: bakery-ia
|
|
labels:
|
|
app: mailu
|
|
component: nginx-config
|
|
data:
|
|
# Custom Nginx configuration to prevent redirect loops when behind ingress
|
|
# This file is mounted as /overrides/ingress-fix.conf in the Mailu frontend container
|
|
ingress-fix.conf: |
|
|
# Override the default HTTP to HTTPS redirect behavior
|
|
# When behind ingress controller, we should trust X-Forwarded-Proto header
|
|
# and avoid redirect loops
|
|
|
|
# Disable the HTTP to HTTPS redirect by overriding the redirect condition
|
|
# This prevents the redirect loop by setting the proxy protocol to https
|
|
set $proxy_x_forwarded_proto "https";
|
|
|
|
# Override the map directive to always return https when behind ingress
|
|
map "" $proxy_x_forwarded_proto {
|
|
default "https";
|
|
}
|
|
|
|
# Trust the X-Forwarded-* headers from the ingress controller
|
|
set_real_ip_from 10.0.0.0/8;
|
|
set_real_ip_from 172.16.0.0/12;
|
|
set_real_ip_from 192.168.0.0/16;
|
|
real_ip_header X-Forwarded-For;
|
|
real_ip_recursive on; |