feat: proxy admin panel via nginx port 80 to avoid exposing 8444
Route the panel through a secret subpath on port 80, remove the separate 8444 listener, and document common troubleshooting in docs. Co-authored-by: Cursor <cursoragent@cursor.com>
This commit is contained in:
@@ -17,6 +17,7 @@ from flask import (
|
||||
session,
|
||||
url_for,
|
||||
)
|
||||
from werkzeug.middleware.proxy_fix import ProxyFix
|
||||
|
||||
from db import add_node, delete_node, list_nodes, node_count, verify_admin
|
||||
from links import build_links, load_env
|
||||
@@ -44,6 +45,11 @@ app.config.update(
|
||||
PERMANENT_SESSION_LIFETIME=86400 * 7,
|
||||
)
|
||||
|
||||
_panel_path = os.environ.get("PANEL_PATH", "").strip().strip("/")
|
||||
if _panel_path:
|
||||
app.config["SESSION_COOKIE_PATH"] = f"/{_panel_path}/"
|
||||
app.wsgi_app = ProxyFix(app.wsgi_app, x_for=1, x_proto=1, x_host=1, x_prefix=1)
|
||||
|
||||
|
||||
def login_required(view):
|
||||
@wraps(view)
|
||||
|
||||
Reference in New Issue
Block a user