Kingsmai/pokopiawiki.tootaio.com
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(config): support multiple CORS origins and dynamic docker env vars

Browse Source 
Parse comma-separated origins in FRONTEND_ORIGIN for Fastify CORS
Use host environment variables with fallbacks in docker-compose
Add Cloudflared tunnel deployment examples to .env.example
This commit is contained in:
xiaomai
2026-05-03 19:22:38 +08:00
parent 72ddae6f9d
commit 3a8a61487a
3 changed files with 26 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
.env.example
View File

@@ -6,8 +6,15 @@ BACKEND_PORT=3001
TRUST_PROXY=false TRUST_PROXY=false
FRONTEND_ORIGIN=http://localhost:20015 FRONTEND_ORIGIN=http://localhost:20015
APP_ORIGIN=http://localhost:20015 APP_ORIGIN=http://localhost:20015
VITE_API_BASE_URL=http://localhost:3001 BACKEND_PUBLIC_ORIGIN=http://localhost:20016
VITE_API_BASE_URL=http://localhost:20016
VITE_SITE_URL=https://pokopiawiki.tootaio.com VITE_SITE_URL=https://pokopiawiki.tootaio.com
RESEND_API_KEY= RESEND_API_KEY=
EMAIL_FROM="Pokopia Wiki <onboarding@resend.dev>" EMAIL_FROM="Pokopia Wiki <onboarding@resend.dev>"
AI_MODERATION_API_KEY= AI_MODERATION_API_KEY=
# Cloudflared tunnel deployment example:
# FRONTEND_ORIGIN=https://pokopiawiki.tootaio.com,http://localhost:20015
# APP_ORIGIN=https://pokopiawiki.tootaio.com
# BACKEND_PUBLIC_ORIGIN=https://api-pokopiawiki.tootaio.com
# VITE_API_BASE_URL=https://api-pokopiawiki.tootaio.com

16
backend/src/server.ts
View File

@@ -128,10 +128,24 @@ const app = Fastify({
trustProxy: process.env.TRUST_PROXY === 'true' trustProxy: process.env.TRUST_PROXY === 'true'
}); });
function configuredCorsOrigin(): true | string | string[] {
const rawOrigin = process.env.FRONTEND_ORIGIN?.trim();
if (!rawOrigin) {
return true;
}
const origins = rawOrigin
.split(',')
.map((origin) => origin.trim())
.filter(Boolean);
return origins.length <= 1 ? (origins[0] ?? true) : origins;
}
await app.register(cors, { await app.register(cors, {
allowedHeaders: ['Authorization', 'Content-Type', 'X-Locale'], allowedHeaders: ['Authorization', 'Content-Type', 'X-Locale'],
methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'], methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS'],
origin: process.env.FRONTEND_ORIGIN ?? true origin: configuredCorsOrigin()
}); });
await app.register(rateLimit, { await app.register(rateLimit, {

6
docker-compose.yml
View File

@@ -21,10 +21,10 @@ services:
DATABASE_URL: postgres://pokopia:pokopia@postgres:5432/pokopia DATABASE_URL: postgres://pokopia:pokopia@postgres:5432/pokopia
BACKEND_PORT: 3001 BACKEND_PORT: 3001
TRUST_PROXY: ${TRUST_PROXY:-false} TRUST_PROXY: ${TRUST_PROXY:-false}
FRONTEND_ORIGIN: http://localhost:20015 FRONTEND_ORIGIN: ${FRONTEND_ORIGIN:-http://localhost:20015}
APP_ORIGIN: http://localhost:20015 APP_ORIGIN: ${APP_ORIGIN:-http://localhost:20015}
UPLOAD_DIR: /app/uploads UPLOAD_DIR: /app/uploads
BACKEND_PUBLIC_ORIGIN: http://localhost:20016 BACKEND_PUBLIC_ORIGIN: ${BACKEND_PUBLIC_ORIGIN:-http://localhost:20016}
RESEND_API_KEY: ${RESEND_API_KEY:-} RESEND_API_KEY: ${RESEND_API_KEY:-}
EMAIL_FROM: "${EMAIL_FROM:-Pokopia Wiki <onboarding@resend.dev>}" EMAIL_FROM: "${EMAIL_FROM:-Pokopia Wiki <onboarding@resend.dev>}"
ports: ports: