I have the following general setup:
- haproxy in front of klycloak, operating as ssl accelerator
- keycloak 18 quarkus (not clustered yet) running on an LXC VM with postgresql as database
I am struggling with the correct haproxy setup. Login at keycloak is possible and also the creating of realms. But I still see 404 errors “not found” in the Web UI, resulting in “…/admin/master/console/#/notfound” replies.
I assume that my haproxy setup is not fully correct yet:
haproxy frontend config:
defaults
log global
mode http
option httplog
option dontlognull
option forwardfor
option redispatch
frontend default
bind xxx.xxx.xxx.xxx.:80
# global redirect from http to https
redirect scheme https code 301 if !{ ssl_fc }
backend
# >> login >> keycloak p. 8080 production kc1
backend login-backend
option forwardfor
server xxx.xxx.de 10.10.10.20:8080 check verify none
http-request set-header X-Forwarded-Port %[dst_port]
http-request add-header X-Forwarded-Proto https if { ssl_fc }
http-request add-header X-Forwarded-For %[src]
## HSTS header, 16000000 seconds: a bit more than 6 months
http-response set-header Strict-Transport-Security "max-age=16000000; includeSubDomains; preload;"
Does anybody have an idea whats wrong here? The same haproxy config works with a number of other applications and their web UIs without any problems. Only the keycloak UI shows these strange 404 errors …