matthias.lotz
712b8477b9
Backend: - Add hostGate middleware for host-based API protection - Extend rate limiter with publicUploadLimiter (20/hour) - Add source_host and source_type to audit logs - Database migration for audit log source tracking - Unit tests for hostGate middleware (10/20 passing) Frontend: - Add hostDetection utility for runtime host detection - Implement React code splitting with lazy loading - Update App.js with ProtectedRoute component - Customize 404 page for public vs internal hosts - Update env-config.js for host configuration Docker: - Add environment variables to prod/dev docker-compose - Configure ENABLE_HOST_RESTRICTION flags - Set PUBLIC_HOST and INTERNAL_HOST variables Infrastructure: - Prepared for nginx-proxy-manager setup - Trust proxy configuration (TRUST_PROXY_HOPS=1) Note: Some unit tests still need adjustment for ENV handling
11 lines
399 B
Plaintext
11 lines
399 B
Plaintext
# Frontend Environment Variables
|
|
|
|
# Currently no frontend-specific secrets are required. Add overrides (e.g. public API URLs)
|
|
# via `REACT_APP_*` variables only if they are safe to expose to browsers.
|
|
# Example:
|
|
# REACT_APP_PUBLIC_API_BASE=https://example.com
|
|
|
|
# Host Configuration (for public/internal separation)
|
|
PUBLIC_HOST=deinprojekt.hobbyhimmel.de
|
|
INTERNAL_HOST=deinprojekt.lan.hobbyhimmel.de
|