[BUG] <title>Can't Use Domain URL to Login Bookstack
nakroy opened this issue · 4 comments
Is there an existing issue for this?
- I have searched the existing issues
Current Behavior
I use kubernetes deployments to deploy bookstack, and I set APP_URL as a domain name for https visit. But the problem is that after I use default username "admin@admin.com" and default password "password" to login. the problem occurs with error code like this:
419 Page Expired
Expected Behavior
user can succesfully login bookstack by domain name with https protocol
Steps To Reproduce
- My deployments yaml file is set like this:
apiVersion: v1
kind: Service
metadata:
name: bookstack
spec:
selector:
app: bookstack
type: ClusterIP
ports:
- name: http
protocol: TCP
port: 80
targetPort: 80
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: bookstack-ingress
annotations:
cert-manager.io/cluster-issuer: "ca-cluster-issuer"
nginx.ingress.kubernetes.io/proxy-body-size: "0"
spec:
ingressClassName: "nginx"
tls:
- hosts:
- my-bookstack.com
secretName: bookstack-certs
rules:
- host: my-bookstack.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: bookstack
port:
number: 80
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: bookstack-pvc
labels:
app: bookstack
spec:
storageClassName: nfs-fpt-storage
accessModes:
- ReadWriteMany
resources:
requests:
storage: 100Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: bookstack
namespace: bookstack
labels:
app: bookstack
spec:
replicas: 1
selector:
matchLabels:
app: bookstack
template:
metadata:
labels:
app: bookstack
spec:
containers:
- name: bookstack
image: linuxserver/bookstack:24.05.2
ports:
- name: http
containerPort: 80
envFrom:
- configMapRef:
name: bookstack-config
resources:
limits:
cpu: "2"
memory: "2Gi"
volumeMounts:
- name: bookstack-storage
mountPath: /config
volumes:
- name: bookstack-storage
persistentVolumeClaim:
claimName: bookstack-pvc
I use cert-manager to create tls secret for ingress automatically.
The mariadb I use for deployments is:
apiVersion: v1
kind: Service
metadata:
name: mariadb
labels:
app: bookstack
spec:
ports:
- port: 3306
protocol: TCP
selector:
app: bookstack
tier: mariadb
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: bookstack-db-pvc
labels:
app: bookstack
spec:
storageClassName: nfs-fpt-storage
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 30Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: bookstack-db
labels:
app: bookstack
spec:
selector:
matchLabels:
app: bookstack
tier: mariadb
strategy:
type: Recreate
template:
metadata:
labels:
app: bookstack
tier: mariadb
spec:
affinity:
nodeAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 1
preference:
matchExpressions:
- key: server-type
operator: In
values:
- database
containers:
- image: linuxserver/mariadb:10.11.8
name: bookstack-mariadb
env:
- name: PUID
valueFrom:
configMapKeyRef:
name: bookstack-config
key: PUID
- name: PGID
valueFrom:
configMapKeyRef:
name: bookstack-config
key: PGID
- name: MYSQL_ROOT_PASSWORD
valueFrom:
configMapKeyRef:
name: bookstack-config
key: DB_PASSWORD
- name: MYSQL_DATABASE
valueFrom:
configMapKeyRef:
name: bookstack-config
key: DB_DATABASE
- name: MYSQL_USER
valueFrom:
configMapKeyRef:
name: bookstack-config
key: DB_USERNAME
- name: MYSQL_PASSWORD
valueFrom:
configMapKeyRef:
name: bookstack-config
key: DB_PASSWORD
ports:
- containerPort: 3306
volumeMounts:
- name: bookstack-db-storage
mountPath: /config
volumes:
- name: bookstack-db-storage
persistentVolumeClaim:
claimName: bookstack-db-pvc
And I use configMap for env variable:
apiVersion: v1
kind: ConfigMap
metadata:
name: bookstack-config
data:
PUID: "1000"
PGID: "1000"
DB_DATABASE: bookstack
DB_HOST: mariadb
DB_PORT: "3306"
DB_PASSWORD: "bookstack123"
DB_USERNAME: "admin"
APP_URL: "https://my-bookstack.com"
APP_KEY: "base64:xxxxxx"
-
I deploy the resources, and use URL
https://my-bookstack.comto visit the website, and after I use default user and password for logging, it returns an error code with a page like this:
-
It's all fine if I use
LoadBalancertype ofServiceand set up a static IP, such as192.168.1.2, and changeAPP_URL=http://192.168.1.2, but this is under HTTP protocol which is not safe and can't use domain URL to visit.
Environment
- OS: Ubuntu 22.04
- How docker service was installed: use deployments yaml file in KubernetesCPU architecture
x86-64
Docker creation
The creation file is mentioned above with deployments yalm file.Container logs
No error log in podThanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.
Another question I want to ask is that is this docker image supporting multi replicas?
This issue has been automatically marked as stale because it has not had recent activity. This might be due to missing feedback from OP. It will be closed if no further activity occurs. Thank you for your contributions.
We do not test or support kubernetes. I am unable to reproduce this issue using docker, which is our supported platform. You're welcome to join our discord and seek best-effort help in #other-support, but we do not entertain out of scope support requests via github.