Puru
Do you experience "target unhealthy" issue for both frontend and backend deploys? How frequently does it occur; on every deployment or occasionally.
I don't think it's deceiving as the comment does say that Cloudflare terminates the SSL, which technically means encryption ends at Cloudflare. By default, Cloudflare uses **Flexible** mode, which means...
> So for this to work well with Cloudflare we need to set ssl: true and on cloudflare use the Full/Strict ssl mode? Yes, otherwise you will get constant redirect,...
> Also just to confirm, I and many others had hacked Kamal 1 to work with letsencrypt by running mkdir -p /letsencrypt && touch /letsencrypt/acme.json && chmod 600 /letsencrypt/acme.json on...
> It would be amazing if kamal-proxy had an easy built-in option to generate self-signed certificates as an option instead of letsencrypt which would allow full (but not strict) end-to-end...
@kirillrogovoy PR opened: https://github.com/basecamp/kamal/pull/1054
In the CKS curriculum, Network Policies is listed under `Cluster Setup` as: - Use Network security policies to restrict cluster-level access It make sense for this task to also be...
Interesting. In the Kamal documentation, it's correct in `kamal proxy` output but incorrectly mentioned again in boot configuration. - https://kamal-deploy.org/docs/commands/proxy/
Once this PR is merged, and documentation is updated, so it should be fine.
In which port is Hetzner LB listening on? Are targets behind Hetzner LB healthy? What's mode is SSL/TLS setting on Cloudflare?