alexei.dolgolyov
3fa30f72a3
- Extract session cookie issuance into sessionCookies.ts helper; remove duplicated COOKIE_BASE blocks from login, register, oauth callback/authorize, refresh handler, hooks.server.ts, and onboarding. - Derive cookie secure flag from ORIGIN (https://...) instead of NODE_ENV so plain-HTTP production deploys don't silently drop cookies. - Auto-login admin after onboarding completes; UI does a full reload so hooks.server.ts picks up the new session. - Harden onboarding: reject duplicate admin creation, flip onboardingComplete atomically to prevent concurrent completions, error out if no admin found. - Fix Dockerfile CMD operator precedence: node build now always runs after migrate deploy || db push. - Wire ORIGIN env through docker-compose.
30 lines
813 B
YAML
30 lines
813 B
YAML
services:
|
|
web-app-launcher:
|
|
build: .
|
|
container_name: web-app-launcher
|
|
restart: unless-stopped
|
|
ports:
|
|
- '${APP_PORT:-3000}:3000'
|
|
environment:
|
|
- DATABASE_URL=file:/app/data/launcher.db
|
|
- JWT_SECRET=${JWT_SECRET:-change-me-to-a-random-64-char-string}
|
|
- JWT_EXPIRY=${JWT_EXPIRY:-15m}
|
|
- REFRESH_TOKEN_EXPIRY=${REFRESH_TOKEN_EXPIRY:-7d}
|
|
- GUEST_MODE=${GUEST_MODE:-true}
|
|
- HEALTHCHECK_CRON=${HEALTHCHECK_CRON:-*/5 * * * *}
|
|
- HEALTHCHECK_TIMEOUT_MS=${HEALTHCHECK_TIMEOUT_MS:-5000}
|
|
- NODE_ENV=production
|
|
- APP_PORT=3000
|
|
- APP_HOST=0.0.0.0
|
|
- ORIGIN=${ORIGIN:-http://localhost:${APP_PORT:-3000}}
|
|
volumes:
|
|
- launcher-data:/app/data
|
|
networks:
|
|
- launcher-net
|
|
|
|
volumes:
|
|
launcher-data:
|
|
|
|
networks:
|
|
launcher-net:
|