4nk/lecoffre_node
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ci: docker_tag=ext chore: sync conf/docs (CORS, redirect authorized-client)

Browse Source
This commit is contained in:
Nicolas Cantu 2025-09-18 15:01:38 +00:00
parent af89806d40
commit dd43fde106
3 changed files with 59 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.env.exemple
View File

@ -40,12 +40,13 @@ NEXT_PUBLIC_API_URL=https://dev4.4nkweb.com/api
NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=28c9a3a8151bef545ebf700ca5222c63d0031ad593097e95c1de202464304a99 NEXT_PUBLIC_DEFAULT_VALIDATOR_ID=28c9a3a8151bef545ebf700ca5222c63d0031ad593097e95c1de202464304a99
NEXT_PUBLIC_DEFAULT_STORAGE_URLS=https://dev4.4nkweb.com/storage NEXT_PUBLIC_DEFAULT_STORAGE_URLS=https://dev4.4nkweb.com/storage
SIGNER_BASE_URL=https://dev3.4nkweb.com/signer/ SIGNER_BASE_URL=https://dev3.4nkweb.com/signer/
CORS_ALLOWED_ORIGINS=http://local.4nkweb.com:3000,https://dev4.4nkweb.com
# WS # WS
# RELAY_URLS=wss://demo.4nkweb.com/ws # RELAY_URLS=wss://demo.4nkweb.com/ws
RELAY_URLS=wss://dev4.4nkweb.com/ws RELAY_URLS=wss://dev4.4nkweb.com/ws
# SIGNER_WS_URL=https://dev4.4nkweb.com/signer/ # SIGNER_WS_URL=ws://dev4.4nkweb.com/signer/
SIGNER_WS_URL=https://dev3.4nkweb.com/signer/ SIGNER_WS_URL=ws://dev3.4nkweb.com
# IHM URLS # IHM URLS
@ -85,4 +86,4 @@ STRIPE_STANDARD_ANNUAL_SUBSCRIPTION_PRICE_ID=
STRIPE_UNLIMITED_SUBSCRIPTION_PRICE_ID= STRIPE_UNLIMITED_SUBSCRIPTION_PRICE_ID=
STRIPE_UNLIMITED_ANNUAL_SUBSCRIPTION_PRICE_ID= STRIPE_UNLIMITED_ANNUAL_SUBSCRIPTION_PRICE_ID=
SIGNER_API_KEY=your_signer_api_key_here SIGNER_API_KEY=your-api-key-change-this

53
conf/nginx/dev4.4nkweb.com.conf
View File

@ -21,7 +21,32 @@ server {
} }
# API direct - route /api/ vers le backend # API direct - route /api/ vers le backend
# Autorisations CORS dynamiques pour origines connues
set $cors_origin "";
if ($http_origin ~* ^(http://local\.4nkweb\.com:3000|https://dev4\.4nkweb\.com)$) {
set $cors_origin $http_origin;
}
location /api/ { location /api/ {
# CORS pour développement local Next.js
proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Headers;
proxy_hide_header Access-Control-Allow-Methods;
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $cors_origin always;
add_header Access-Control-Allow-Credentials "true" always;
add_header Access-Control-Allow-Headers "Content-Type, x-session-id, Authorization" always;
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
return 204;
}
add_header Access-Control-Allow-Origin $cors_origin always;
add_header Access-Control-Allow-Credentials "true" always;
add_header Access-Control-Allow-Headers "Content-Type, x-session-id, Authorization" always;
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
proxy_pass http://127.0.0.1:8080/api/; proxy_pass http://127.0.0.1:8080/api/;
include /etc/nginx/proxy_params; include /etc/nginx/proxy_params;
proxy_read_timeout 300; proxy_read_timeout 300;
@ -29,6 +54,34 @@ server {
proxy_send_timeout 300; proxy_send_timeout 300;
} }
# Compat: certains clients appellent /apiv1 -> réécriture vers /api/v1
location ~* ^/apiv1/(.*)$ {
# CORS pour compatibilité
proxy_hide_header Access-Control-Allow-Origin;
proxy_hide_header Access-Control-Allow-Credentials;
proxy_hide_header Access-Control-Allow-Headers;
proxy_hide_header Access-Control-Allow-Methods;
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $cors_origin always;
add_header Access-Control-Allow-Credentials "true" always;
add_header Access-Control-Allow-Headers "Content-Type, x-session-id, Authorization" always;
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
return 204;
}
add_header Access-Control-Allow-Origin $cors_origin always;
add_header Access-Control-Allow-Credentials "true" always;
add_header Access-Control-Allow-Headers "Content-Type, x-session-id, Authorization" always;
add_header Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS" always;
proxy_pass http://127.0.0.1:8080/api/v1/$1;
include /etc/nginx/proxy_params;
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_send_timeout 300;
}
# ihm_client (root) # ihm_client (root)
location / { location / {
proxy_pass http://127.0.0.1:3003; proxy_pass http://127.0.0.1:3003;

4
docs/DEPLOIEMENT_dev4.md
View File

@ -12,8 +12,8 @@
- Next.js: basePath /lecoffre, build production, NODE_OPTIONS max-old-space-size 2048 - Next.js: basePath /lecoffre, build production, NODE_OPTIONS max-old-space-size 2048
- Extraits .env pertinents: - Extraits .env pertinents:
- RELAY_URLS wss://dev4.4nkweb.com/ws - RELAY_URLS wss://dev4.4nkweb.com/ws
- SIGNER_WS_URL https://dev4.4nkweb.com/signer/ - SIGNER_WS_URL ws://dev4.4nkweb.com/signer/
- VITE_BOOTSTRAPURL https://dev4.4nkweb.com/ws - VITE_BOOTSTRAPURL ws://dev4.4nkweb.com/ws
- Correction 502: build Next terminé, Nginx OK - Correction 502: build Next terminé, Nginx OK
## Redirection locale depuis local.4nkweb.com:3000 ## Redirection locale depuis local.4nkweb.com:3000