Helm deploy squidex on k8s , clustering issue

Sebastian · June 8, 2022, 9:53am

This is the fallback page for all non-existing endpoints. I don’t know why it is not reachable for you.

e.g. this is for my test site and cloud:

squidexstevyu · June 8, 2022, 9:55am

follow the log “stackTrace”: " , it seems authentication failed :
squidex/OrleansDashboardAuthenticationMiddleware.cs at ca070830989e67940e9b97643916b18ea3c2c8c1 · Squidex/squidex (github.com)

squidexstevyu · June 8, 2022, 10:14am

could you show me your values.yaml , maybe you have some configuration i don’t have .

squidexstevyu · June 8, 2022, 10:24am

URLS__ENFORCEHTTPS: false # Set it to true to redirect the user from http to https permanently
is this value can only be false ? when i set it to true , the pod can not startup .

Sebastian · June 8, 2022, 10:28am

It is a docker-compose config: https://github.com/Squidex/squidex-hosting/blob/master/docker-compose/docker-compose.yml

Usually your proxy who creates the certificate should do it anyway. It is not needed.

squidexstevyu · June 8, 2022, 10:45am

  - IDENTITY__ADMINEMAIL=${SQUIDEX_ADMINEMAIL}
  - IDENTITY__ADMINPASSWORD=${SQUIDEX_ADMINPASSWORD}
  - IDENTITY__GOOGLECLIENT=${SQUIDEX_GOOGLECLIENT}
  - IDENTITY__GOOGLESECRET=${SQUIDEX_GOOGLESECRET}
  - IDENTITY__GITHUBCLIENT=${SQUIDEX_GITHUBCLIENT}
  - IDENTITY__GITHUBSECRET=${SQUIDEX_GITHUBSECRET}
  - IDENTITY__MICROSOFTCLIENT=${SQUIDEX_MICROSOFTCLIENT}
  - IDENTITY__MICROSOFTSECRET=${SQUIDEX_MICROSOFTSECRET}
  - ASPNETCORE_URLS=http://+:5000

i don’t set those values in helm values.yaml , are those values necessary ?

Sebastian · June 8, 2022, 10:47am

No, they just disable or enable the login providers. And they are set in the helm chart by default:

github.com

Squidex/squidex/blob/master/helm/squidex/values.yaml#L57


# CREATE LOCAL ADMIN USER
IDENTITY__ADMINEMAIL: ""
IDENTITY__ADMINPASSWORD: ""
IDENTITY__ADMINRECREATE: false # Recreate the admin if it does not exist or the password does not match
IDENTITY__ALLOWPASSWORDAUTH: "true" # Enable password auth. Set this to false if you want to disable local login, leaving only 3rd party login options
IDENTITY__LOCKAUTOMATICALLY: "false" # Lock new users automatically, the administrator must unlock them
IDENTITY__SHOWPII: true # Set to true to show PII (Personally Identifiable Information) in the logs
IDENTITY__PRIVACYURL: "https://squidex.io/privacy" # The url to you privacy statements, if you host squidex by yourself

# Settings for Google auth (keep empty to disable)
IDENTITY__GOOGLECLIENT: null
IDENTITY__GOOGLESECRET: null

# Settings for Github auth (keep empty to disable)
IDENTITY__GITHUBCLIENT: null
IDENTITY__GITHUBSECRET: null

# Settings for Microsoft auth (keep empty to disable)
# NOTE: Tennant is optional for using a specific AzureAD tenant
IDENTITY__MICROSOFTCLIENT: null
IDENTITY__MICROSOFTSECRET: null

squidexstevyu · June 8, 2022, 11:03am

hello , are you using appversion 6.9.0 ?
when i set it to 6.9.0 , it report error : ImagePullBackOff

Sebastian · June 8, 2022, 3:35pm

But why does it work for me? I meant 6.7.0 of course.

squidexstevyu · June 9, 2022, 7:32am

squidexstevyu · June 9, 2022, 9:01am

{
  "logLevel": "Error",
  "message": "Connection id \u00220HMI9TD6LDFGQ\u0022, Request id \u00220HMI9TD6LDFGQ:00000038\u0022: An unhandled exception was thrown by the application.",
  "eventId": {
    "id": 13,
    "name": "ApplicationError"
  },
  "connectionId": "0HMI9TD6LDFGQ",
  "traceIdentifier": "0HMI9TD6LDFGQ:00000038",
  "timestamp": "2022-06-09T07:50:02Z",
  "app": {
    "name": "Squidex",
    "version": "6.7.0.0",
    "sessionId": "ea28212b-c87e-4fc2-bb5a-7a89643cd96c"
  },
  "web": {
    "requestId": "00-20cf8fa39f68dc75234577c01f5e0945-dd47e049d8335340-01",
    "requestPath": "/signin-internal",
    "requestMethod": "GET"
  },
  "category": "Microsoft.AspNetCore.Server.Kestrel",
  "exception": {
    "type": "System.Exception",
    "message": "An error was encountered while handling the remote login.",
    "stackTrace": "   at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler\u00601.HandleRequestAsync()\n   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)\n   at NSwag.AspNetCore.Middlewares.OpenApiDocumentMiddleware.Invoke(HttpContext context)\n   at Squidex.Web.Pipeline.LocalCacheMiddleware.InvokeAsync(HttpContext context, ILocalCache localCache) in /src/src/Squidex.Web/Pipeline/LocalCacheMiddleware.cs:line 28\n   at Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context)\n   at Squidex.Web.Pipeline.RequestLogPerformanceMiddleware.InvokeAsync(HttpContext context, ISemanticLog log) in /src/src/Squidex.Web/Pipeline/RequestLogPerformanceMiddleware.cs:line 54\n   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication\u00601 application)"
  }
}

Sebastian · June 9, 2022, 9:35am

It is the same error, but thanks for the logs.

You could try docker tag dev-6923