Hello,
I've been trying to setup a pgadmin on Kubernetes behind an nginx ingress
that handles the TLS termination. I cannot modify the configuration of that
ingress, so I've deployed an additional nginx to handle the reverse proxy
config for pgadmin:
nginx ingress (tls termination) -> nginx -> pgadmin
The config of my reverse proxy is:
upstream http_backend {
server localhost:8080;
keepalive 16;
}
server {
listen 5050;
server_name _;
location / {
proxy_set_header X-Scheme https;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header X-Original-Forwarded-For "";
proxy_set_header Host $host;
proxy_pass http://http_backend/;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
}
It works, all the Location headers are good, the problem is that the
returned Cookies are not valid. If I curl the root of the server, and then
save the returned cookie and use it again on a subsequent request, a new
cookie is issued instead of keepking the previous one (so I guess the
server doesn't like it).
The outcome is that in a browser there's an infinite loop of redirects,
trying to get a good cookie with no success.
I've been looking this thread:
https://www.postgresql.org/message-id/flat/5d14f954.1c69fb81.e188f.9c5b%40mx.google.com
but the config used by them is already in my config, my redirects are good,
but the cookies still are bad.
I was thinking: what can make a pgadmin server discard a cooke?
Thanks.
