gigafibre-fsm/apps/ops/infra/nginx.conf
louispaulb 1ed86e37ad fix: server-side API token injection + ticket modal empty state
- Move ERPNext API token from JS bundle to nginx proxy_set_header
  (token only lives on server, never in client code)
- Switch ops + field apps from auth.targo.ca to id.gigafibre.ca SSO
- Fix "Aucun contenu" showing on tickets that have comments but no
  description (check comments.length in v-if condition)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-30 23:31:58 -04:00

39 lines
1.2 KiB
Nginx Configuration File

server {
listen 80;
server_name _;
root /usr/share/nginx/html;
index index.html;
# ERPNext API proxy — token injected server-side (never in JS bundle)
# To rotate: edit this file + docker restart ops-frontend
location /api/ {
proxy_pass https://erp.gigafibre.ca;
proxy_ssl_verify off;
proxy_set_header Host erp.gigafibre.ca;
proxy_set_header Authorization "token b273a666c86d2d0:06120709db5e414";
proxy_set_header X-Authentik-Email $http_x_authentik_email;
proxy_set_header X-Authentik-Username $http_x_authentik_username;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
# SPA fallback — all routes serve index.html
location / {
try_files $uri $uri/ /index.html;
}
# No cache for index.html and service worker
location = /index.html {
add_header Cache-Control "no-cache, no-store, must-revalidate";
}
location = /sw.js {
add_header Cache-Control "no-cache, no-store, must-revalidate";
}
# Cache static assets (30 days, immutable)
location /assets/ {
expires 30d;
add_header Cache-Control "public, immutable";
}
}