Configuration of Nexus Helm Chart: HTTPS Serving HTTP Resources
I ran the following command:
kubectl create secret tls nexus-tls --cert cert.crt --key privateKey.pem
where cert.crt contains my certificate and privateKey.pem contains my private key (provisioned using CloudFlare).
I then installed the stable/sonatype-nexus Helm chart with the following configuration:
nexusProxy:
env:
nexusDockerHost: containers.<<NEXUS_HOST>>
nexusHttpHost: nexus.<<NEXUS_HOST>>
nexusBackup:
enabled: true
nexusAdminPassword: <<PASSWORD>>
env:
targetBucket: gs://<<BACKUP_BUCKET_NAME>>
persistence:
storageClass: standard
ingress:
enabled: true
path: /*
annotations:
kubernetes.io/ingress.allow-http: true
kubernetes.io/tls-acme: true
kubernetes.io/ingress.class: gce
kubernetes.io/ingress.global-static-ip-name: <<STATIC_IP_ADDRESS_NAME>>
tls:
enabled: true
secretName: nexus-tls
persistence:
storageClass: standard
storageSize: 1024Gi
resources:
requests:
cpu: 250m
memory: 4800Mi
by running the command:
helm install -f values.yaml stable/sonatype-nexus
The possible configuration values for this chart are documented here.
When I visit http://nexus.<<NEXUS_HOST>>, I am able to access the Nexus Repository. However, when I access https://nexus.<<NEXUS_HOST>>, I receive mixed content warnings, because HTTP resources are being served.
If I set the nexusProxy.env.enforceHttps environment variable to true, when I visit https://nexus.<<NEXUS_HOST>>, I get a response back which looks like:
HTTP access is disabled. Click here to browse Nexus securely: https://nexus.<<NEXUS_HOST>>.
How can I ensure that Nexus is served securely? Have I made a configuration error, or does the issue lie elsewhere?
kubernetes nexus kubernetes-helm asked Nov 25 '18 at 22:36
Charles SalmonCharles Salmon
310110
add a comment |
I ran the following command:
kubectl create secret tls nexus-tls --cert cert.crt --key privateKey.pem
where cert.crt contains my certificate and privateKey.pem contains my private key (provisioned using CloudFlare).
I then installed the stable/sonatype-nexus Helm chart with the following configuration:
nexusProxy:
env:
nexusDockerHost: containers.<<NEXUS_HOST>>
nexusHttpHost: nexus.<<NEXUS_HOST>>
nexusBackup:
enabled: true
nexusAdminPassword: <<PASSWORD>>
env:
targetBucket: gs://<<BACKUP_BUCKET_NAME>>
persistence:
storageClass: standard
ingress:
enabled: true
path: /*
annotations:
kubernetes.io/ingress.allow-http: true
kubernetes.io/tls-acme: true
kubernetes.io/ingress.class: gce
kubernetes.io/ingress.global-static-ip-name: <<STATIC_IP_ADDRESS_NAME>>
tls:
enabled: true
secretName: nexus-tls
persistence:
storageClass: standard
storageSize: 1024Gi
resources:
requests:
cpu: 250m
memory: 4800Mi
by running the command:
helm install -f values.yaml stable/sonatype-nexus
The possible configuration values for this chart are documented here.
When I visit http://nexus.<<NEXUS_HOST>>, I am able to access the Nexus Repository. However, when I access https://nexus.<<NEXUS_HOST>>, I receive mixed content warnings, because HTTP resources are being served.
If I set the nexusProxy.env.enforceHttps environment variable to true, when I visit https://nexus.<<NEXUS_HOST>>, I get a response back which looks like:
HTTP access is disabled. Click here to browse Nexus securely: https://nexus.<<NEXUS_HOST>>.
How can I ensure that Nexus is served securely? Have I made a configuration error, or does the issue lie elsewhere?
kubernetes nexus kubernetes-helm asked Nov 25 '18 at 22:36
Charles SalmonCharles Salmon
310110
add a comment |
I ran the following command:
kubectl create secret tls nexus-tls --cert cert.crt --key privateKey.pem
where cert.crt contains my certificate and privateKey.pem contains my private key (provisioned using CloudFlare).
I then installed the stable/sonatype-nexus Helm chart with the following configuration:
nexusProxy:
env:
nexusDockerHost: containers.<<NEXUS_HOST>>
nexusHttpHost: nexus.<<NEXUS_HOST>>
nexusBackup:
enabled: true
nexusAdminPassword: <<PASSWORD>>
env:
targetBucket: gs://<<BACKUP_BUCKET_NAME>>
persistence:
storageClass: standard
ingress:
enabled: true
path: /*
annotations:
kubernetes.io/ingress.allow-http: true
kubernetes.io/tls-acme: true
kubernetes.io/ingress.class: gce
kubernetes.io/ingress.global-static-ip-name: <<STATIC_IP_ADDRESS_NAME>>
tls:
enabled: true
secretName: nexus-tls
persistence:
storageClass: standard
storageSize: 1024Gi
resources:
requests:
cpu: 250m
memory: 4800Mi
by running the command:
helm install -f values.yaml stable/sonatype-nexus
The possible configuration values for this chart are documented here.
When I visit http://nexus.<<NEXUS_HOST>>, I am able to access the Nexus Repository. However, when I access https://nexus.<<NEXUS_HOST>>, I receive mixed content warnings, because HTTP resources are being served.
If I set the nexusProxy.env.enforceHttps environment variable to true, when I visit https://nexus.<<NEXUS_HOST>>, I get a response back which looks like:
HTTP access is disabled. Click here to browse Nexus securely: https://nexus.<<NEXUS_HOST>>.
How can I ensure that Nexus is served securely? Have I made a configuration error, or does the issue lie elsewhere?
kubernetes nexus kubernetes-helm asked Nov 25 '18 at 22:36
Charles SalmonCharles Salmon
310110
I ran the following command:
kubectl create secret tls nexus-tls --cert cert.crt --key privateKey.pem
where cert.crt contains my certificate and privateKey.pem contains my private key (provisioned using CloudFlare).
I then installed the stable/sonatype-nexus Helm chart with the following configuration:
nexusProxy:
env:
nexusDockerHost: containers.<<NEXUS_HOST>>
nexusHttpHost: nexus.<<NEXUS_HOST>>
nexusBackup:
enabled: true
nexusAdminPassword: <<PASSWORD>>
env:
targetBucket: gs://<<BACKUP_BUCKET_NAME>>
persistence:
storageClass: standard
ingress:
enabled: true
path: /*
annotations:
kubernetes.io/ingress.allow-http: true
kubernetes.io/tls-acme: true
kubernetes.io/ingress.class: gce
kubernetes.io/ingress.global-static-ip-name: <<STATIC_IP_ADDRESS_NAME>>
tls:
enabled: true
secretName: nexus-tls
persistence:
storageClass: standard
storageSize: 1024Gi
resources:
requests:
cpu: 250m
memory: 4800Mi
by running the command:
helm install -f values.yaml stable/sonatype-nexus
The possible configuration values for this chart are documented here.
When I visit http://nexus.<<NEXUS_HOST>>, I am able to access the Nexus Repository. However, when I access https://nexus.<<NEXUS_HOST>>, I receive mixed content warnings, because HTTP resources are being served.
If I set the nexusProxy.env.enforceHttps environment variable to true, when I visit https://nexus.<<NEXUS_HOST>>, I get a response back which looks like:
HTTP access is disabled. Click here to browse Nexus securely: https://nexus.<<NEXUS_HOST>>.
How can I ensure that Nexus is served securely? Have I made a configuration error, or does the issue lie elsewhere?
kubernetes nexus kubernetes-helm kubernetes nexus kubernetes-helm asked Nov 25 '18 at 22:36
Charles SalmonCharles Salmon
310110
asked Nov 25 '18 at 22:36
Charles SalmonCharles Salmon
310110
edited Nov 26 '18 at 18:24
Charles Salmon
asked Nov 25 '18 at 22:36
Charles SalmonCharles Salmon
310110
asked Nov 25 '18 at 22:36
Charles SalmonCharles Salmon
310110
asked Nov 25 '18 at 22:36
Charles SalmonCharles Salmon
310110
310110
add a comment |
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53472704%2fconfiguration-of-nexus-helm-chart-https-serving-http-resources%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53472704%2fconfiguration-of-nexus-helm-chart-https-serving-http-resources%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
