HTTPS Site URL issues

I’m running into an issue similar to what’s described here: Health Checks on Google Kubernetes Engine when URL is https

Basically: I have an https URL, ghost is serving on localhost:2368. If site URL has https, Ghost gives a 301 redirect for http requests, which is a problem in my setup.

Related github issue: https://github.com/TryGhost/Ghost/issues/11039

Questions:

  • Is it possible to disable 301 redirect for / when URL starts with https? In any case, it seems odd to me that Ghost core is implementing this even though its actually serving traffic over http – shouldn’t this sort of redirect be left up to the proxy?
  • Alternatively, why does Ghost explicitly include the site URL when linking images etc? Best practice (e.g. https://developer.mozilla.org/en-US/docs/Learn/HTML/Multimedia_and_embedding/Images_in_HTML) is to use relative links – it’s easier on the browser, AND it’s protocol agnostic. Is there any way to suppress this behavior?

Thanks.

Also ping @tscott, do you mind sharing the k8s config you used for your healthchecks? I tried to use the tcpSocket option in the readinessProbe for the container, but the Ingress seems to ignore it and keeps trying to use the HTTP probe.

I am also encountering this issue, which is making it difficult to deploy this on GKE with the Bitnami helm chart. Any updates from the development team on this?

Is there a health check path we can use which will not return a 301?

A possible workaround, from OP, 🧩So, I over-engineered my blog

On top of the workaround of specifying the ghost url using http, when deploying on native gke ingress one can make the ingress redirect http to https, Configuring Ingress features  |  Kubernetes Engine Documentation.

So now I can have ghost deployed correctly on gke

Edit: Actually this runs into problems with browsers serving mixed content. Sad

Edit: I actually was not able to get Ghost set up in kubernetes behind the default ingress in gke. The health check never succeeded when set up with a https url, and when set up using a http url there were mixed content warnings were the browser began blocking requests.