52 lines
1.7 KiB
YAML
52 lines
1.7 KiB
YAML
apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: mailu-ingress
|
|
namespace: bakery-ia
|
|
labels:
|
|
app.kubernetes.io/name: mailu
|
|
app.kubernetes.io/component: ingress
|
|
environment: production
|
|
annotations:
|
|
cert-manager.io/cluster-issuer: letsencrypt-production
|
|
nginx.ingress.kubernetes.io/proxy-body-size: "100m"
|
|
nginx.ingress.kubernetes.io/proxy-read-timeout: "3600"
|
|
nginx.ingress.kubernetes.io/proxy-send-timeout: "3600"
|
|
nginx.ingress.kubernetes.io/force-ssl-redirect: "true"
|
|
nginx.ingress.kubernetes.io/ssl-redirect: "true"
|
|
# CRITICAL: Headers for Mailu compatibility to fix webmail redirect loop
|
|
nginx.ingress.kubernetes.io/configuration-snippet: |
|
|
# Set proper headers for Mailu
|
|
more_set_headers "X-Forwarded-Proto $scheme";
|
|
more_set_headers "X-Forwarded-Port $server_port";
|
|
more_set_headers "X-Original-Forwarded-For $http_x_forwarded_for";
|
|
|
|
# Handle redirects properly to prevent loops for webmail
|
|
proxy_redirect https://$host https://$host;
|
|
proxy_redirect http://$host https://$host;
|
|
|
|
# Ensure proper host header
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
# Additional proxy settings for Mailu
|
|
nginx.ingress.kubernetes.io/proxy-set-headers: "X-Forwarded-Proto https"
|
|
spec:
|
|
ingressClassName: nginx
|
|
tls:
|
|
- hosts:
|
|
- mail.bakewise.ai
|
|
secretName: bakery-ia-prod-tls-cert
|
|
rules:
|
|
- host: mail.bakewise.ai
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: mailu-front
|
|
port:
|
|
number: 80
|