From c6cd329c2f2e66cafd5b92967c21afd67311c56a Mon Sep 17 00:00:00 2001 From: Vadym Samoilenko Date: Wed, 11 Mar 2026 13:02:04 +0000 Subject: [PATCH] Deploy to optical-dev.oliver.solutions - Update Azure redirect URI and CORS origins to optical-dev - Remove root requirement from deploy.sh, use chmod instead of chown - Make CORS_ORIGINS configurable via env var in docker-compose - Add Apache VirtualHost config for optical-dev.oliver.solutions Co-Authored-By: Claude Sonnet 4.6 --- .env.example | 4 ++-- deploy.sh | 7 +------ docker-compose.yml | 2 +- olivas-apache.conf | 43 +++++++++++++++++++++++++++++++++++++++++++ 4 files changed, 47 insertions(+), 9 deletions(-) create mode 100644 olivas-apache.conf diff --git a/.env.example b/.env.example index c11d0a6..883f7e6 100644 --- a/.env.example +++ b/.env.example @@ -8,7 +8,7 @@ UPLOAD_DIR=./data/uploads DEVICE=auto # auto | cpu | cuda # CORS -CORS_ORIGINS=http://localhost:1577 +CORS_ORIGINS=https://optical-dev.oliver.solutions # Server BACKEND_HOST=0.0.0.0 @@ -25,4 +25,4 @@ AZURE_CLIENT_ID=9079054c-9620-4757-a256-23413042f1ef # Frontend Azure AD (Vite env vars) VITE_AZURE_TENANT_ID=e519c2e6-bc6d-4fdf-8d9c-923c2f002385 VITE_AZURE_CLIENT_ID=9079054c-9620-4757-a256-23413042f1ef -VITE_AZURE_REDIRECT_URI=https://ai-sandbox.oliver.solutions/olivas +VITE_AZURE_REDIRECT_URI=https://optical-dev.oliver.solutions/olivas diff --git a/deploy.sh b/deploy.sh index 94049d0..9d4cbae 100755 --- a/deploy.sh +++ b/deploy.sh @@ -21,11 +21,6 @@ success() { printf '\033[1;32m[OK]\033[0m %s\n' "$*"; } # --------------------------------------------------------------------------- # 1. Preflight checks # --------------------------------------------------------------------------- -if [[ $EUID -ne 0 ]]; then - error "This script must be run as root." - exit 1 -fi - if ! command -v docker &>/dev/null; then error "docker is not installed." exit 1 @@ -124,7 +119,7 @@ info "Deploying frontend to $WEB_DIR..." mkdir -p "$WEB_DIR" rm -rf "${WEB_DIR:?}"/* cp -r "$REPO_DIR/frontend/dist/"* "$WEB_DIR/" -chown -R www-data:www-data "$WEB_DIR" +chmod -R a+rX "$WEB_DIR" success "Frontend deployed." # --------------------------------------------------------------------------- diff --git a/docker-compose.yml b/docker-compose.yml index 9128279..9602afc 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -23,7 +23,7 @@ services: DATABASE_URL: postgresql+asyncpg://olivas:olivas@postgres:5432/olivas UPLOAD_DIR: /app/data/uploads DEVICE: auto - CORS_ORIGINS: http://localhost:1577 + CORS_ORIGINS: ${CORS_ORIGINS:-http://localhost:1577} ANTHROPIC_API_KEY: ${ANTHROPIC_API_KEY:-} # Google Cloud Run — set these to enable Cloud Run offloading CLOUD_RUN_SALIENCY_URL: ${CLOUD_RUN_SALIENCY_URL:-} diff --git a/olivas-apache.conf b/olivas-apache.conf new file mode 100644 index 0000000..6c010fd --- /dev/null +++ b/olivas-apache.conf @@ -0,0 +1,43 @@ + + ServerName optical-dev.oliver.solutions + Redirect permanent / https://optical-dev.oliver.solutions/ + + + + ServerName optical-dev.oliver.solutions + + DocumentRoot /var/www/html/olivas + + # Required Apache modules: mod_proxy mod_proxy_http mod_rewrite mod_ssl mod_headers + + SSLEngine on + SSLCertificateFile /etc/letsencrypt/live/optical-dev.oliver.solutions/fullchain.pem + SSLCertificateKeyFile /etc/letsencrypt/live/optical-dev.oliver.solutions/privkey.pem + + # Proxy /api/ to FastAPI backend + ProxyPreserveHost On + ProxyPass /api/ http://127.0.0.1:8000/api/ + ProxyPassReverse /api/ http://127.0.0.1:8000/api/ + + # Forward real IP to backend + RequestHeader set X-Real-IP %{REMOTE_ADDR}s + RequestHeader set X-Forwarded-Proto https + + # SPA routing — serve index.html for non-file requests + + Options -Indexes +FollowSymLinks + AllowOverride None + Require all granted + RewriteEngine On + RewriteBase / + RewriteCond %{REQUEST_FILENAME} !-f + RewriteCond %{REQUEST_FILENAME} !-d + RewriteRule ^ index.html [L] + + + # Large file uploads (match nginx's 50M) + LimitRequestBody 52428800 + + ErrorLog ${APACHE_LOG_DIR}/olivas-error.log + CustomLog ${APACHE_LOG_DIR}/olivas-access.log combined +