Keycloak 20.0.1 in k8s and behind reverse proxy

Configuring the server
1

Hello,

Keycloak is running in k8s, behind a reverse proxy.
Commands with which the application is started:

command:
  - /opt/keycloak/bin/kc.sh
  - --verbose
  - start
  - --proxy=edge
  - --http-relative-path /tri/auth
  - --hostname-strict=false
  - --hostname-strict-https=false
  - --http-enabled=true

ingress rule:

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: tri-keycloak
  namespace: tri-dev
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.ingress.kubernetes.io/proxy-buffer-size: 128k
spec:
  rules:
    - host: tri-dev-proxy.example.com
      http:
        paths:
          - path: /tri/auth/
            pathType: Prefix
            backend:
              service:
                name: tri-keycloak-20-http
                port:
                  number: 80

config proxy:

location /tri/ {
    proxy_pass http://kube-node-ingress-upstream-80;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Forwarded-Server $host;
    proxy_set_header X-Forwarded-Port $server_port;
    proxy_set_header X-Forwarded-Proto $scheme;
}

cat /etc/nginx/upstream.d/kube.upstream.conf

upstream kube-node-ingress-upstream-80 {
  server tri-dev-kube-node-1.priv:80;
  server tri-dev-kube-node-2.priv:80;
  server tri-dev-kube-node-3.priv:80;
}

https://tri-dev-proxy.example.com/tri/auth/ - the start page is available at this URL, but when you go to the admin console, it redirects to http (http://tri-dev-proxy.example.com/tri/auth/admin/), page not available.
In the ingress controller logs, the response is 200, when I go to the start page, they are not there when I enter the admin panel:

10.208.38.11 - - [01/Dec/2022:06:40:41 +0000] "GET /tri/auth/resources/g95ve/welcome/keycloak/logo.png HTTP/1.0" 200 7539 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" 775 0.016 [tri-dev-tri-keycloak-20-http-80] [] 10.233.104.232:8080 7539 0.016 200 12ed1e9084c4958620495cc04c817f99
10.208.38.11 - - [01/Dec/2022:06:40:41 +0000] "GET /tri/auth/resources/g95ve/welcome/keycloak/img/favicon.ico HTTP/1.0" 200 650 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.0.0 Safari/537.36" 782 0.006 [tri-dev-tri-keycloak-20-http-80] [] 10.233.104.232:8080 650 0.008 200 315323245937fb56f6b7cb6cfe91f560

Please tell me where is the mistake.

2

How to run keycloak with reverse proxy and without certificate?

3

There currently seems to be issues with loading the admin console in a k8s environment:

4

Which version can I used in which there is no such problem?