++ add Gestione dietro reverse proxy

2026-04-13 12:30:33 +00:00
parent 5e98423e7a
commit 465e7cf092
8 changed files with 20 additions and 33 deletions
--- a/.env.example
+++ b/.env.example
@@ -3,7 +3,8 @@ APP_ENV=local
 APP_KEY=
 APP_DEBUG=true
 APP_TIMEZONE=Europe/Rome
-APP_URL=http://localhost:8080
+APP_URL=https://demo-termanager.pyconetwork.it
+ASSET_URL=https://demo-termanager.pyconetwork.it

 APP_PORT=8080
 SEED_DEV_DATA=false
--- a/app/Livewire/Settings/SettingsEdit.php
+++ b/app/Livewire/Settings/SettingsEdit.php
@@ -8,7 +8,6 @@ use App\Models\Setting;
 class SettingsEdit extends Component
 {
    public string $congregazione_nome = '';
-    public string $public_base_url = '';
    public int $giorni_giacenza_da_assegnare = 120;
    public int $giorni_giacenza_prioritari = 180;
    public int $giorni_per_smarrito = 120;
@@ -20,7 +19,6 @@ class SettingsEdit extends Component
    {
        $settings = Setting::instance();
        $this->congregazione_nome = $settings->congregazione_nome ?? '';
-        $this->public_base_url = $settings->public_base_url ?? '';
        $this->giorni_giacenza_da_assegnare = $settings->giorni_giacenza_da_assegnare ?? 120;
        $this->giorni_giacenza_prioritari = $settings->giorni_giacenza_prioritari ?? 180;
        $this->giorni_per_smarrito = $settings->giorni_per_smarrito ?? 120;
@@ -33,7 +31,6 @@ class SettingsEdit extends Component
    {
        return [
            'congregazione_nome' => 'required|string|max:255',
-            'public_base_url' => 'nullable|url|max:255',
            'giorni_giacenza_da_assegnare' => 'required|integer|min:1|max:730',
            'giorni_giacenza_prioritari' => 'required|integer|min:1|max:730',
            'giorni_per_smarrito' => 'required|integer|min:30|max:365',
@@ -50,7 +47,6 @@ class SettingsEdit extends Component
        $settings = Setting::instance();
        $settings->update([
            'congregazione_nome' => $this->congregazione_nome,
-            'public_base_url' => $this->public_base_url ?: null,
            'giorni_giacenza_da_assegnare' => $this->giorni_giacenza_da_assegnare,
            'giorni_giacenza_prioritari' => $this->giorni_giacenza_prioritari,
            'giorni_per_smarrito' => $this->giorni_per_smarrito,
--- a/app/Models/Assegnazione.php
+++ b/app/Models/Assegnazione.php
@@ -114,12 +114,6 @@ class Assegnazione extends Model
            ]
        );

-        $publicBase = Setting::getValue('public_base_url');
-        if ($publicBase) {
-            $parsed = parse_url($url);
-            $url = rtrim($publicBase, '/') . ($parsed['path'] ?? '') . (isset($parsed['query']) ? '?' . $parsed['query'] : '');
-        }
-
        return $url;
    }

--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@@ -5,6 +5,7 @@ namespace App\Providers;
 use Illuminate\Support\ServiceProvider;
 use Illuminate\Support\Facades\Gate;
 use Illuminate\Support\Facades\Artisan;
+use Illuminate\Support\Facades\URL;

 class AppServiceProvider extends ServiceProvider
 {
@@ -15,6 +16,11 @@ class AppServiceProvider extends ServiceProvider

    public function boot(): void
    {
+        // Force HTTPS when behind a reverse proxy
+        if (str_starts_with(config('app.url'), 'https://')) {
+            URL::forceScheme('https');
+        }
+
        // Auto-generate APP_KEY if missing
        if (empty(config('app.key'))) {
            Artisan::call('key:generate', ['--force' => true]);
--- a/bootstrap/app.php
+++ b/bootstrap/app.php
@@ -3,6 +3,7 @@
 use Illuminate\Foundation\Application;
 use Illuminate\Foundation\Configuration\Exceptions;
 use Illuminate\Foundation\Configuration\Middleware;
+use Illuminate\Http\Request;

 return Application::configure(basePath: dirname(__DIR__))
    ->withRouting(
@@ -11,6 +12,14 @@ return Application::configure(basePath: dirname(__DIR__))
        health: '/up',
    )
    ->withMiddleware(function (Middleware $middleware) {
+        $middleware->trustProxies(
+            at: '*',
+            headers: Request::HEADER_X_FORWARDED_FOR
+                | Request::HEADER_X_FORWARDED_HOST
+                | Request::HEADER_X_FORWARDED_PORT
+                | Request::HEADER_X_FORWARDED_PROTO
+        );
+
        $middleware->alias([
            'role' => \Spatie\Permission\Middleware\RoleMiddleware::class,
            'permission' => \Spatie\Permission\Middleware\PermissionMiddleware::class,
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -60,19 +60,12 @@ services:
    networks:
      - termanager2
    depends_on:
-      mariadb:
+      app:
        condition: service_healthy
-      redis:
-        condition: service_healthy
-    command: ["php", "artisan", "queue:work", "redis", "--queue=default", "--sleep=1", "--tries=1", "--timeout=0"]
+    entrypoint: ["php"]
+    command: ["artisan", "queue:work", "redis", "--queue=default", "--sleep=1", "--tries=1", "--timeout=0"]
    environment:
      - PHP_OPCACHE_VALIDATE_TIMESTAMPS=1
-      - SEED_DEV_DATA=${SEED_DEV_DATA:-false}
-      - RUN_DB_SEED_ON_FIRST_START=${RUN_DB_SEED_ON_FIRST_START:-true}
-      - ENSURE_INITIAL_ADMIN_ON_EMPTY_DB=${ENSURE_INITIAL_ADMIN_ON_EMPTY_DB:-true}
-      - INITIAL_ADMIN_NAME=${INITIAL_ADMIN_NAME:-}
-      - INITIAL_ADMIN_EMAIL=${INITIAL_ADMIN_EMAIL:-}
-      - INITIAL_ADMIN_PASSWORD=${INITIAL_ADMIN_PASSWORD:-}

  mariadb:
    image: mariadb:11
@@ -85,8 +78,6 @@ services:
      MARIADB_ROOT_PASSWORD: ${DB_ROOT_PASSWORD:-rootsecret}
    volumes:
      - db_data:/var/lib/mysql
-    ports:
-      - "${DB_PORT:-3306}:3306"
    networks:
      - termanager2
    healthcheck:
@@ -102,8 +93,6 @@ services:
    command: redis-server --appendonly yes --requirepass ${REDIS_PASSWORD:-redissecret}
    volumes:
      - redis_data:/data
-    ports:
-      - "${REDIS_PORT:-6379}:6379"
    networks:
      - termanager2
    healthcheck:
--- a/docker/php/entrypoint.sh
+++ b/docker/php/entrypoint.sh
@@ -216,7 +216,6 @@ if [ "$ENSURE_INITIAL_ADMIN_ON_EMPTY_DB" = "true" ]; then
        --password="$INITIAL_ADMIN_PASSWORD_VALUE" \
        --no-interaction; then
        warn "Initial admin creation failed. Set INITIAL_ADMIN_NAME, INITIAL_ADMIN_EMAIL and INITIAL_ADMIN_PASSWORD."
-        exit 1
    fi
 else
    echo "[i] ENSURE_INITIAL_ADMIN_ON_EMPTY_DB=false, skipping initial admin creation check."
--- a/resources/views/livewire/settings/settings-edit.blade.php
+++ b/resources/views/livewire/settings/settings-edit.blade.php
@@ -28,13 +28,6 @@
                @error('congregazione_nome') <p class="text-red-500 text-xs mt-1">{{ $message }}</p> @enderror
            </div>

-            <div>
-                <label for="public_base_url" class="block text-sm font-medium text-gray-700">URL Pubblico (dominio)</label>
-                <p class="text-xs text-gray-500 mb-1">L'indirizzo con cui l'app è raggiungibile dall'esterno (es. https://territori.miacongregazione.it). Se vuoto, verrà usato l'URL corrente del server.</p>
-                <input wire:model="public_base_url" type="url" id="public_base_url" placeholder="https://esempio.com" class="mt-1 block w-full rounded-lg border-gray-300 shadow-sm focus:ring-indigo-500 focus:border-indigo-500 text-sm">
-                @error('public_base_url') <p class="text-red-500 text-xs mt-1">{{ $message }}</p> @enderror
-            </div>
-
            <div>
                <label for="giorni_giacenza_da_assegnare" class="block text-sm font-medium text-gray-700">Soglia Da Assegnare (giorni)</label>
                <p class="text-xs text-gray-500 mb-1">Dopo quanti giorni dal rientro un territorio compare nella lista "da assegnare".</p>