fix: nginx conf to allow localhost:3000 to access api endpoint

khorshuheng 2025-01-09 00:59:18 +08:00
parent 95b4560e73
commit f063c6ec1f
2 changed files with 29 additions and 22 deletions


@ -164,8 +164,18 @@ docker logs <NAME>
to be served on a different origin that the one used for AppFlowy Cloud (eg. if you are hosting `appflowy cloud` to be served on a different origin that the one used for AppFlowy Cloud (eg. if you are hosting `appflowy cloud`
on `appflowy.home.com`, `appflowy_web` may be hosted on `web.appflowy.home.com`). The source code and deployment on `appflowy.home.com`, `appflowy_web` may be hosted on `web.appflowy.home.com`). The source code and deployment
guide can be found in this [repository](https://github.com/AppFlowy-IO/AppFlowy-Web). guide can be found in this [repository](https://github.com/AppFlowy-IO/AppFlowy-Web).
- To prevent CORS issues, you will need to change `set $appflowy_web "http://localhost:3000";` in `nginx/nginx.conf` - To prevent CORS issues, you will need to add your AppFlowy Web origin. By default, we allow requests from `localhost:3000`,
to the origin where you are hosting `appflowy_web`. using, the configuration below:
```
map $http_origin $cors_origin {
# AppFlowy Web origin
"~^http://localhost:3000$" $http_origin;
default "null";
}
```
Replace `http://localhost:3000` with your AppFlowy Web origin.
## Ports ## Ports


@ -14,6 +14,12 @@ http {
'' close; '' close;
} }
map $http_origin $cors_origin {
# AppFlowy Web origin
"~^http://localhost:3000$" $http_origin;
default "null";
}
server { server {
listen 8080; listen 8080;
@ -33,7 +39,6 @@ http {
client_max_body_size 10M; client_max_body_size 10M;
underscores_in_headers on; underscores_in_headers on;
set $appflowy_web_origin "http://localhost:3000";
set $appflowy_cloud_backend "http://appflowy_cloud:8000"; set $appflowy_cloud_backend "http://appflowy_cloud:8000";
set $gotrue_backend "http://gotrue:9999"; set $gotrue_backend "http://gotrue:9999";
set $admin_frontend_backend "http://admin_frontend:3000"; set $admin_frontend_backend "http://admin_frontend:3000";
@ -66,19 +71,6 @@ http {
} }
# AppFlowy-Cloud # AppFlowy-Cloud
# created a separate location block for handling CORS preflight (OPTIONS) requests specifically for the /api endpoint.
location = /api/options {
if ($http_origin ~* ($appflowy_web_origin)) {
add_header 'Access-Control-Allow-Origin' $http_origin;
}
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE, PATCH';
add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, Accept, Client-Version';
add_header 'Access-Control-Max-Age' 3600;
add_header 'Content-Type' 'text/plain; charset=utf-8';
add_header 'Content-Length' 0;
return 204;
}
location /api/chat { location /api/chat {
proxy_pass $appflowy_cloud_backend; proxy_pass $appflowy_cloud_backend;
@ -101,9 +93,7 @@ http {
proxy_set_header Host $http_host; proxy_set_header Host $http_host;
# Handle CORS # Handle CORS
if ($http_origin ~* ($appflowy_web_origin)) { add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Origin' $http_origin always;
}
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, PATCH, OPTIONS' always; add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, PATCH, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, Accept' always; add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, Accept' always;
add_header 'Access-Control-Max-Age' 3600 always; add_header 'Access-Control-Max-Age' 3600 always;
@ -130,10 +120,17 @@ http {
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
# Set CORS headers for other requests # Set CORS headers for other requests
if ($http_origin ~* ($appflowy_web_origin)) {
add_header 'Access-Control-Allow-Origin' $http_origin always; if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, PATCH, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, Accept, Client-Version' always;
add_header 'Access-Control-Max-Age' 3600 always;
return 204;
} }
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, PATCH' always;
add_header 'Access-Control-Allow-Origin' $cors_origin always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, PATCH, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, Accept, Client-Version' always; add_header 'Access-Control-Allow-Headers' 'Content-Type, Authorization, Accept, Client-Version' always;
add_header 'Access-Control-Max-Age' 3600 always; add_header 'Access-Control-Max-Age' 3600 always;
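Review bot: The `default "null";` arm of the new `map $http_origin $cors_origin` block means every request from a non-allowlisted origin is answered with `Access-Control-Allow-Origin: null`. Browsers send `Origin: null` for opaque origins (sandboxed iframes, `data:` and `file:` documents), so such a page passes the CORS check on each location that now emits `$cors_origin`. Use `default "";` instead: nginx omits an `add_header` whose value is empty, so unmatched origins get no allow-origin header at all; the same snippet is repeated in the documentation section and should change with it. Because the header value now depends on the request origin, adding `add_header 'Vary' 'Origin' always;` beside each `Access-Control-Allow-Origin` line keeps shared caches from replaying one origin's response to another. The map key is a regular expression, so when `localhost:3000` is replaced with a real hostname its dots should be escaped as `\.`; a comment above the entry saying so would help.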