e50ea88c08
- Invoice OCR migrated from Ollama (GPU-bound, local) to Gemini 2.5 Flash via new targo-hub /vision/invoice endpoint with responseSchema enforcement. Ops VM no longer needs a GPU. - Ops /j/* now has full camera scanner (TechScanPage) ported from apps/field with 8s timeout + offline queue + auto-link to Dispatch Job context on serial/barcode/MAC 3-tier lookup. - New TechDevicePage reached via /j/device/:serial showing every ERPNext entity related to a scanned device: Service Equipment, Customer, Service Location, active Subscription, open Issues, upcoming Dispatch Jobs, OLT info. - New docs/VISION_AND_OCR.md (full pipeline + §10 relationship graph + §8.1 secrets/rotation policy). Cross-linked from ARCHITECTURE, ROADMAP, HANDOFF, README. - Nginx /ollama/ proxy blocks removed from both ops + field. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
53 lines
1.7 KiB
Nginx Configuration File
53 lines
1.7 KiB
Nginx Configuration File
server {
|
|
listen 80;
|
|
server_name _;
|
|
root /usr/share/nginx/html;
|
|
index index.html;
|
|
|
|
# ERPNext API proxy — token injected server-side (never in JS bundle)
|
|
location /api/ {
|
|
proxy_pass https://erp.gigafibre.ca;
|
|
proxy_ssl_verify off;
|
|
proxy_set_header Host erp.gigafibre.ca;
|
|
proxy_set_header Authorization "token b273a666c86d2d0:06120709db5e414";
|
|
proxy_set_header X-Authentik-Email $http_x_authentik_email;
|
|
proxy_set_header X-Authentik-Username $http_x_authentik_username;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_set_header X-Forwarded-Proto https;
|
|
}
|
|
|
|
# NOTE: Ollama Vision proxy removed 2026-04-22 — all invoice OCR and
|
|
# barcode/equipment scans now go directly to targo-hub (Gemini 2.5 Flash).
|
|
# See docs/VISION_AND_OCR.md.
|
|
|
|
# Targo Hub API proxy — vision, devices, etc.
|
|
location /hub/ {
|
|
resolver 127.0.0.11 valid=10s;
|
|
set $hub_upstream http://targo-hub:3300;
|
|
proxy_pass $hub_upstream/;
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Authentik-Email $http_x_authentik_email;
|
|
proxy_set_header X-Authentik-Username $http_x_authentik_username;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_read_timeout 60s;
|
|
client_max_body_size 20m;
|
|
}
|
|
|
|
# SPA fallback
|
|
location / {
|
|
try_files $uri $uri/ /index.html;
|
|
}
|
|
|
|
location = /index.html {
|
|
add_header Cache-Control "no-cache, no-store, must-revalidate";
|
|
}
|
|
location = /sw.js {
|
|
add_header Cache-Control "no-cache, no-store, must-revalidate";
|
|
}
|
|
|
|
location /assets/ {
|
|
expires 30d;
|
|
add_header Cache-Control "public, immutable";
|
|
}
|
|
}
|