fix production domain
Build & Deploy / Build & Push Docker Image (push) Successful in 2m57s
Test / Type Check (all packages) (push) Successful in 58s
Build & Deploy / Deploy to VPS (push) Successful in 4s
Test / API Unit Tests (push) Successful in 51s
Test / Homepage Unit Tests (push) Successful in 44s
Test / Storefront Unit Tests (push) Successful in 43s
Test / Admin Unit Tests (push) Successful in 43s
Test / Dashboard Unit Tests (push) Successful in 42s
Test / API Integration Tests (push) Successful in 1m2s

This commit is contained in:
root
2026-07-01 22:51:46 -04:00
parent 757ad41c9b
commit 30631504f1
5 changed files with 26 additions and 15 deletions
+1 -1
View File
@@ -1,5 +1,5 @@
# ── Traefik domains — used in docker-compose labels ────────────────────────── # ── Traefik domains — used in docker-compose labels ──────────────────────────
ACME_EMAIL=ops@example.com ACME_EMAIL=rentaldrivego@gmail.com
API_DOMAIN=api.rentaldrivego.ma API_DOMAIN=api.rentaldrivego.ma
PUBLIC_SITE_DOMAIN=rentaldrivego.ma PUBLIC_SITE_DOMAIN=rentaldrivego.ma
PGMANAGE_DOMAIN=pgmanage.rentaldrivego.ma PGMANAGE_DOMAIN=pgmanage.rentaldrivego.ma
+1 -1
View File
@@ -1,5 +1,5 @@
# Traefik domains # Traefik domains
ACME_EMAIL=ops@example.com ACME_EMAIL=rentaldrivego@gmail.com
API_DOMAIN=api.example.com API_DOMAIN=api.example.com
PUBLIC_SITE_DOMAIN=example.com PUBLIC_SITE_DOMAIN=example.com
PGMANAGE_DOMAIN=pgmanage.example.com PGMANAGE_DOMAIN=pgmanage.example.com
+1 -1
View File
@@ -1,5 +1,5 @@
# Traefik domains # Traefik domains
ACME_EMAIL=ops@example.com ACME_EMAIL=rentaldrivego@gmail.com
API_DOMAIN=api.rentaldrivego.ma API_DOMAIN=api.rentaldrivego.ma
PUBLIC_SITE_DOMAIN=rentaldrivego.ma PUBLIC_SITE_DOMAIN=rentaldrivego.ma
PGMANAGE_DOMAIN=pgmanage.rentaldrivego.ma PGMANAGE_DOMAIN=pgmanage.rentaldrivego.ma
+5 -5
View File
@@ -123,7 +123,7 @@ services:
restart: unless-stopped restart: unless-stopped
labels: labels:
- traefik.enable=true - traefik.enable=true
- traefik.http.routers.api.rule=Host(`${API_DOMAIN}`) && !HeadersRegexp(`x-middleware-subrequest`, `.+`) - traefik.http.routers.api.rule=Host(`${API_DOMAIN}`) && !HeaderRegexp(`x-middleware-subrequest`, `.+`)
- traefik.http.routers.api.entrypoints=websecure - traefik.http.routers.api.entrypoints=websecure
- traefik.http.routers.api.tls=true - traefik.http.routers.api.tls=true
- traefik.http.routers.api.tls.certresolver=letsencrypt - traefik.http.routers.api.tls.certresolver=letsencrypt
@@ -171,7 +171,7 @@ services:
restart: unless-stopped restart: unless-stopped
labels: labels:
- traefik.enable=true - traefik.enable=true
- traefik.http.routers.homepage.rule=(Host(`${PUBLIC_SITE_DOMAIN}`) || Host(`www.${PUBLIC_SITE_DOMAIN}`)) && !HeadersRegexp(`x-middleware-subrequest`, `.+`) - traefik.http.routers.homepage.rule=(Host(`${PUBLIC_SITE_DOMAIN}`) || Host(`www.${PUBLIC_SITE_DOMAIN}`)) && !HeaderRegexp(`x-middleware-subrequest`, `.+`)
- traefik.http.routers.homepage.entrypoints=websecure - traefik.http.routers.homepage.entrypoints=websecure
- traefik.http.routers.homepage.tls=true - traefik.http.routers.homepage.tls=true
- traefik.http.routers.homepage.tls.certresolver=letsencrypt - traefik.http.routers.homepage.tls.certresolver=letsencrypt
@@ -215,7 +215,7 @@ services:
restart: unless-stopped restart: unless-stopped
labels: labels:
- traefik.enable=true - traefik.enable=true
- traefik.http.routers.storefront.rule=(Host(`${PUBLIC_SITE_DOMAIN}`) || Host(`www.${PUBLIC_SITE_DOMAIN}`)) && PathPrefix(`/explore`, `/renter`, `/sign-in`) - traefik.http.routers.storefront.rule=(Host(`${PUBLIC_SITE_DOMAIN}`) || Host(`www.${PUBLIC_SITE_DOMAIN}`)) && (PathPrefix(`/explore`) || PathPrefix(`/renter`) || PathPrefix(`/sign-in`))
- traefik.http.routers.storefront.entrypoints=websecure - traefik.http.routers.storefront.entrypoints=websecure
- traefik.http.routers.storefront.tls=true - traefik.http.routers.storefront.tls=true
- traefik.http.routers.storefront.tls.certresolver=letsencrypt - traefik.http.routers.storefront.tls.certresolver=letsencrypt
@@ -259,7 +259,7 @@ services:
restart: unless-stopped restart: unless-stopped
labels: labels:
- traefik.enable=true - traefik.enable=true
- traefik.http.routers.dashboard.rule=(Host(`${PUBLIC_SITE_DOMAIN}`) || Host(`www.${PUBLIC_SITE_DOMAIN}`)) && PathPrefix(`/dashboard`) && !HeadersRegexp(`x-middleware-subrequest`, `.+`) - traefik.http.routers.dashboard.rule=(Host(`${PUBLIC_SITE_DOMAIN}`) || Host(`www.${PUBLIC_SITE_DOMAIN}`)) && PathPrefix(`/dashboard`) && !HeaderRegexp(`x-middleware-subrequest`, `.+`)
- traefik.http.routers.dashboard.entrypoints=websecure - traefik.http.routers.dashboard.entrypoints=websecure
- traefik.http.routers.dashboard.tls=true - traefik.http.routers.dashboard.tls=true
- traefik.http.routers.dashboard.tls.certresolver=letsencrypt - traefik.http.routers.dashboard.tls.certresolver=letsencrypt
@@ -303,7 +303,7 @@ services:
restart: unless-stopped restart: unless-stopped
labels: labels:
- traefik.enable=true - traefik.enable=true
- traefik.http.routers.admin.rule=(Host(`${PUBLIC_SITE_DOMAIN}`) || Host(`www.${PUBLIC_SITE_DOMAIN}`)) && PathPrefix(`/admin`) && !HeadersRegexp(`x-middleware-subrequest`, `.+`) - traefik.http.routers.admin.rule=(Host(`${PUBLIC_SITE_DOMAIN}`) || Host(`www.${PUBLIC_SITE_DOMAIN}`)) && PathPrefix(`/admin`) && !HeaderRegexp(`x-middleware-subrequest`, `.+`)
- traefik.http.routers.admin.entrypoints=websecure - traefik.http.routers.admin.entrypoints=websecure
- traefik.http.routers.admin.tls=true - traefik.http.routers.admin.tls=true
- traefik.http.routers.admin.tls.certresolver=letsencrypt - traefik.http.routers.admin.tls.certresolver=letsencrypt
+18 -7
View File
@@ -10,6 +10,10 @@ PROJECT_NAME="${DOCKER_PROD_PROJECT_NAME:-rentaldrivego-prod}"
TRAEFIK_NETWORK="${DOCKER_PROD_TRAEFIK_NETWORK:-traefik-proxy}" TRAEFIK_NETWORK="${DOCKER_PROD_TRAEFIK_NETWORK:-traefik-proxy}"
VOLUME_BACKUP_IMAGE="${DOCKER_VOLUME_BACKUP_IMAGE:-postgres:16-alpine}" VOLUME_BACKUP_IMAGE="${DOCKER_VOLUME_BACKUP_IMAGE:-postgres:16-alpine}"
API_UPLOADS_VOLUME="${DOCKER_PROD_API_UPLOADS_VOLUME:-${PROJECT_NAME}_api_uploads}" API_UPLOADS_VOLUME="${DOCKER_PROD_API_UPLOADS_VOLUME:-${PROJECT_NAME}_api_uploads}"
DEFAULT_ACME_EMAIL="rentaldrivego@gmail.com"
DEFAULT_API_DOMAIN="api.rentaldrivego.ma"
DEFAULT_PUBLIC_SITE_DOMAIN="rentaldrivego.ma"
DEFAULT_CORS_ORIGINS="https://rentaldrivego.ma,https://www.rentaldrivego.ma"
ensure_env_file() { ensure_env_file() {
if [[ ! -f "${ENV_FILE}" ]]; then if [[ ! -f "${ENV_FILE}" ]]; then
@@ -71,6 +75,7 @@ load_prod_env_exports() {
local key local key
for key in \ for key in \
ACME_EMAIL \
APP_IMAGE \ APP_IMAGE \
APP_VERSION \ APP_VERSION \
IMAGE_TAG \ IMAGE_TAG \
@@ -86,8 +91,9 @@ load_prod_env_exports() {
} }
validate_prod_env_file() { validate_prod_env_file() {
local api_domain public_site_domain cors_origins postgres_password redis_password jwt_secret local acme_email api_domain public_site_domain cors_origins postgres_password redis_password jwt_secret
acme_email="$(read_env_value ACME_EMAIL)"
api_domain="$(read_env_value API_DOMAIN)" api_domain="$(read_env_value API_DOMAIN)"
public_site_domain="$(read_env_value PUBLIC_SITE_DOMAIN)" public_site_domain="$(read_env_value PUBLIC_SITE_DOMAIN)"
cors_origins="$(read_env_value CORS_ORIGINS)" cors_origins="$(read_env_value CORS_ORIGINS)"
@@ -95,18 +101,23 @@ validate_prod_env_file() {
redis_password="$(read_env_value REDIS_PASSWORD)" redis_password="$(read_env_value REDIS_PASSWORD)"
jwt_secret="$(read_env_value JWT_SECRET)" jwt_secret="$(read_env_value JWT_SECRET)"
if [[ -z "${api_domain}" || "${api_domain}" == *example.com* ]]; then if [[ "${acme_email}" != "${DEFAULT_ACME_EMAIL}" ]]; then
echo "Invalid API_DOMAIN in ${ENV_FILE}. Set it to the real production API hostname, not example.com." >&2 echo "Invalid ACME_EMAIL in ${ENV_FILE}. Set ACME_EMAIL=${DEFAULT_ACME_EMAIL} for Let's Encrypt." >&2
exit 1 exit 1
fi fi
if [[ -z "${public_site_domain}" || "${public_site_domain}" == *example.com* ]]; then if [[ "${api_domain}" != "${DEFAULT_API_DOMAIN}" ]]; then
echo "Invalid PUBLIC_SITE_DOMAIN in ${ENV_FILE}. Set it to the real production site hostname, not example.com." >&2 echo "Invalid API_DOMAIN in ${ENV_FILE}. Set API_DOMAIN=${DEFAULT_API_DOMAIN}." >&2
exit 1 exit 1
fi fi
if [[ -z "${cors_origins}" || "${cors_origins}" == *example.com* ]]; then if [[ "${public_site_domain}" != "${DEFAULT_PUBLIC_SITE_DOMAIN}" ]]; then
echo "Invalid CORS_ORIGINS in ${ENV_FILE}. Replace example.com origins with the real production domains." >&2 echo "Invalid PUBLIC_SITE_DOMAIN in ${ENV_FILE}. Set PUBLIC_SITE_DOMAIN=${DEFAULT_PUBLIC_SITE_DOMAIN}." >&2
exit 1
fi
if [[ "${cors_origins}" != "${DEFAULT_CORS_ORIGINS}" ]]; then
echo "Invalid CORS_ORIGINS in ${ENV_FILE}. Set CORS_ORIGINS=${DEFAULT_CORS_ORIGINS}." >&2
exit 1 exit 1
fi fi