letsbe
/
monacousa-portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
monacousa-portal/docker/kong/kong.yml.template

451 lines
10 KiB
Plaintext
Raw Normal View History

Redesign deployment: only .env + docker-compose.yml needed on server Custom Docker images embed all config so production servers no longer need SQL files, kong.yml, or shell scripts. Kong generates config from env vars at startup. Migrate container auto-detects fresh vs existing DB and runs appropriate scripts. New images: monacousa-db, monacousa-kong, monacousa-migrate New commands: deploy.sh build-images, deploy.sh push-images Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 10:33:25 +01:00
_format_version: "2.1"
_transform: true
consumers:
- username: ANON
keyauth_credentials:
- key: __ANON_KEY__
- username: SERVICE_ROLE
keyauth_credentials:
- key: __SERVICE_ROLE_KEY__
acls:
- consumer: ANON
group: anon
- consumer: SERVICE_ROLE
group: admin
services:
- name: auth-verify-redirect
url: http://portal:3000/auth/verify
routes:
- name: auth-verify-redirect
strip_path: false
paths:
- /auth/verify
preserve_host: false
plugins:
- name: cors
Fix Kong CORS configuration for cross-origin requests - Add proper CORS configuration to all Kong routes - Allow portal.monacousa.org and localhost origins - Configure allowed methods, headers, and credentials - Fixes 'Cross-site POST form submissions are forbidden' error Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-10 13:50:36 +01:00
config:
origins:
- https://portal.monacousa.org
- http://localhost:7453
- http://localhost:3000
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
headers:
- Accept
- Accept-Version
- Authorization
- Content-Length
- Content-Type
- Date
- X-Auth-Token
- apikey
- x-client-info
exposed_headers:
- Content-Length
- Content-Range
credentials: true
max_age: 3600
Redesign deployment: only .env + docker-compose.yml needed on server Custom Docker images embed all config so production servers no longer need SQL files, kong.yml, or shell scripts. Kong generates config from env vars at startup. Migrate container auto-detects fresh vs existing DB and runs appropriate scripts. New images: monacousa-db, monacousa-kong, monacousa-migrate New commands: deploy.sh build-images, deploy.sh push-images Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 10:33:25 +01:00
- name: auth-v1-open
url: http://auth:9999/verify
routes:
- name: auth-v1-open
strip_path: true
paths:
- /auth/v1/verify
plugins:
- name: cors
Fix Kong CORS configuration for cross-origin requests - Add proper CORS configuration to all Kong routes - Allow portal.monacousa.org and localhost origins - Configure allowed methods, headers, and credentials - Fixes 'Cross-site POST form submissions are forbidden' error Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-10 13:50:36 +01:00
config:
origins:
- https://portal.monacousa.org
- http://localhost:7453
- http://localhost:3000
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
headers:
- Accept
- Accept-Version
- Authorization
- Content-Length
- Content-Type
- Date
- X-Auth-Token
- apikey
- x-client-info
exposed_headers:
- Content-Length
- Content-Range
credentials: true
max_age: 3600
Redesign deployment: only .env + docker-compose.yml needed on server Custom Docker images embed all config so production servers no longer need SQL files, kong.yml, or shell scripts. Kong generates config from env vars at startup. Migrate container auto-detects fresh vs existing DB and runs appropriate scripts. New images: monacousa-db, monacousa-kong, monacousa-migrate New commands: deploy.sh build-images, deploy.sh push-images Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 10:33:25 +01:00
- name: auth-v1-open-callback
url: http://auth:9999/callback
routes:
- name: auth-v1-open-callback
strip_path: true
paths:
- /auth/v1/callback
plugins:
- name: cors
Fix Kong CORS configuration for cross-origin requests - Add proper CORS configuration to all Kong routes - Allow portal.monacousa.org and localhost origins - Configure allowed methods, headers, and credentials - Fixes 'Cross-site POST form submissions are forbidden' error Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-10 13:50:36 +01:00
config:
origins:
- https://portal.monacousa.org
- http://localhost:7453
- http://localhost:3000
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
headers:
- Accept
- Accept-Version
- Authorization
- Content-Length
- Content-Type
- Date
- X-Auth-Token
- apikey
- x-client-info
exposed_headers:
- Content-Length
- Content-Range
credentials: true
max_age: 3600
Redesign deployment: only .env + docker-compose.yml needed on server Custom Docker images embed all config so production servers no longer need SQL files, kong.yml, or shell scripts. Kong generates config from env vars at startup. Migrate container auto-detects fresh vs existing DB and runs appropriate scripts. New images: monacousa-db, monacousa-kong, monacousa-migrate New commands: deploy.sh build-images, deploy.sh push-images Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 10:33:25 +01:00
- name: auth-v1-open-authorize
url: http://auth:9999/authorize
routes:
- name: auth-v1-open-authorize
strip_path: true
paths:
- /auth/v1/authorize
plugins:
- name: cors
Fix Kong CORS configuration for cross-origin requests - Add proper CORS configuration to all Kong routes - Allow portal.monacousa.org and localhost origins - Configure allowed methods, headers, and credentials - Fixes 'Cross-site POST form submissions are forbidden' error Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-10 13:50:36 +01:00
config:
origins:
- https://portal.monacousa.org
- http://localhost:7453
- http://localhost:3000
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
headers:
- Accept
- Accept-Version
- Authorization
- Content-Length
- Content-Type
- Date
- X-Auth-Token
- apikey
- x-client-info
exposed_headers:
- Content-Length
- Content-Range
credentials: true
max_age: 3600
Redesign deployment: only .env + docker-compose.yml needed on server Custom Docker images embed all config so production servers no longer need SQL files, kong.yml, or shell scripts. Kong generates config from env vars at startup. Migrate container auto-detects fresh vs existing DB and runs appropriate scripts. New images: monacousa-db, monacousa-kong, monacousa-migrate New commands: deploy.sh build-images, deploy.sh push-images Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 10:33:25 +01:00
- name: auth-v1
url: http://auth:9999/
routes:
- name: auth-v1
strip_path: true
paths:
- /auth/v1/
plugins:
- name: cors
Fix Kong CORS configuration for cross-origin requests - Add proper CORS configuration to all Kong routes - Allow portal.monacousa.org and localhost origins - Configure allowed methods, headers, and credentials - Fixes 'Cross-site POST form submissions are forbidden' error Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-10 13:50:36 +01:00
config:
origins:
- https://portal.monacousa.org
- http://localhost:7453
- http://localhost:3000
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
headers:
- Accept
- Accept-Version
- Authorization
- Content-Length
- Content-Type
- Date
- X-Auth-Token
- apikey
- x-client-info
exposed_headers:
- Content-Length
- Content-Range
credentials: true
max_age: 3600
Redesign deployment: only .env + docker-compose.yml needed on server Custom Docker images embed all config so production servers no longer need SQL files, kong.yml, or shell scripts. Kong generates config from env vars at startup. Migrate container auto-detects fresh vs existing DB and runs appropriate scripts. New images: monacousa-db, monacousa-kong, monacousa-migrate New commands: deploy.sh build-images, deploy.sh push-images Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 10:33:25 +01:00
- name: key-auth
config:
hide_credentials: false
- name: acl
config:
hide_groups_header: true
allow:
- admin
- anon
- name: rest-v1
url: http://rest:3000/
routes:
- name: rest-v1
strip_path: true
paths:
- /rest/v1/
plugins:
- name: cors
Fix Kong CORS configuration for cross-origin requests - Add proper CORS configuration to all Kong routes - Allow portal.monacousa.org and localhost origins - Configure allowed methods, headers, and credentials - Fixes 'Cross-site POST form submissions are forbidden' error Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-10 13:50:36 +01:00
config:
origins:
- https://portal.monacousa.org
- http://localhost:7453
- http://localhost:3000
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
headers:
- Accept
- Accept-Version
- Authorization
- Content-Length
- Content-Type
- Date
- X-Auth-Token
- apikey
- x-client-info
exposed_headers:
- Content-Length
- Content-Range
credentials: true
max_age: 3600
Redesign deployment: only .env + docker-compose.yml needed on server Custom Docker images embed all config so production servers no longer need SQL files, kong.yml, or shell scripts. Kong generates config from env vars at startup. Migrate container auto-detects fresh vs existing DB and runs appropriate scripts. New images: monacousa-db, monacousa-kong, monacousa-migrate New commands: deploy.sh build-images, deploy.sh push-images Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 10:33:25 +01:00
- name: key-auth
config:
hide_credentials: false
- name: acl
config:
hide_groups_header: true
allow:
- admin
- anon
- name: realtime-v1-ws
url: http://realtime:4000/socket
routes:
- name: realtime-v1-ws
strip_path: true
paths:
- /realtime/v1/websocket
plugins:
- name: cors
Fix Kong CORS configuration for cross-origin requests - Add proper CORS configuration to all Kong routes - Allow portal.monacousa.org and localhost origins - Configure allowed methods, headers, and credentials - Fixes 'Cross-site POST form submissions are forbidden' error Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-10 13:50:36 +01:00
config:
origins:
- https://portal.monacousa.org
- http://localhost:7453
- http://localhost:3000
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
headers:
- Accept
- Accept-Version
- Authorization
- Content-Length
- Content-Type
- Date
- X-Auth-Token
- apikey
- x-client-info
exposed_headers:
- Content-Length
- Content-Range
credentials: true
max_age: 3600
Redesign deployment: only .env + docker-compose.yml needed on server Custom Docker images embed all config so production servers no longer need SQL files, kong.yml, or shell scripts. Kong generates config from env vars at startup. Migrate container auto-detects fresh vs existing DB and runs appropriate scripts. New images: monacousa-db, monacousa-kong, monacousa-migrate New commands: deploy.sh build-images, deploy.sh push-images Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 10:33:25 +01:00
- name: key-auth
config:
hide_credentials: false
- name: acl
config:
hide_groups_header: true
allow:
- admin
- anon
- name: realtime-v1
url: http://realtime:4000/
routes:
- name: realtime-v1
strip_path: true
paths:
- /realtime/v1/
plugins:
- name: cors
Fix Kong CORS configuration for cross-origin requests - Add proper CORS configuration to all Kong routes - Allow portal.monacousa.org and localhost origins - Configure allowed methods, headers, and credentials - Fixes 'Cross-site POST form submissions are forbidden' error Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-10 13:50:36 +01:00
config:
origins:
- https://portal.monacousa.org
- http://localhost:7453
- http://localhost:3000
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
headers:
- Accept
- Accept-Version
- Authorization
- Content-Length
- Content-Type
- Date
- X-Auth-Token
- apikey
- x-client-info
exposed_headers:
- Content-Length
- Content-Range
credentials: true
max_age: 3600
Redesign deployment: only .env + docker-compose.yml needed on server Custom Docker images embed all config so production servers no longer need SQL files, kong.yml, or shell scripts. Kong generates config from env vars at startup. Migrate container auto-detects fresh vs existing DB and runs appropriate scripts. New images: monacousa-db, monacousa-kong, monacousa-migrate New commands: deploy.sh build-images, deploy.sh push-images Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 10:33:25 +01:00
- name: key-auth
config:
hide_credentials: false
- name: acl
config:
hide_groups_header: true
allow:
- admin
- anon
- name: storage-v1-public
url: http://storage:5000/object/public
routes:
- name: storage-v1-public
strip_path: true
paths:
- /storage/v1/object/public
plugins:
- name: cors
Fix Kong CORS configuration for cross-origin requests - Add proper CORS configuration to all Kong routes - Allow portal.monacousa.org and localhost origins - Configure allowed methods, headers, and credentials - Fixes 'Cross-site POST form submissions are forbidden' error Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-10 13:50:36 +01:00
config:
origins:
- https://portal.monacousa.org
- http://localhost:7453
- http://localhost:3000
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
headers:
- Accept
- Accept-Version
- Authorization
- Content-Length
- Content-Type
- Date
- X-Auth-Token
- apikey
- x-client-info
exposed_headers:
- Content-Length
- Content-Range
credentials: true
max_age: 3600
Redesign deployment: only .env + docker-compose.yml needed on server Custom Docker images embed all config so production servers no longer need SQL files, kong.yml, or shell scripts. Kong generates config from env vars at startup. Migrate container auto-detects fresh vs existing DB and runs appropriate scripts. New images: monacousa-db, monacousa-kong, monacousa-migrate New commands: deploy.sh build-images, deploy.sh push-images Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 10:33:25 +01:00
- name: storage-v1
url: http://storage:5000/
routes:
- name: storage-v1
strip_path: true
paths:
- /storage/v1/
plugins:
- name: cors
Fix Kong CORS configuration for cross-origin requests - Add proper CORS configuration to all Kong routes - Allow portal.monacousa.org and localhost origins - Configure allowed methods, headers, and credentials - Fixes 'Cross-site POST form submissions are forbidden' error Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-02-10 13:50:36 +01:00
config:
origins:
- https://portal.monacousa.org
- http://localhost:7453
- http://localhost:3000
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
headers:
- Accept
- Accept-Version
- Authorization
- Content-Length
- Content-Type
- Date
- X-Auth-Token
- apikey
- x-client-info
exposed_headers:
- Content-Length
- Content-Range
credentials: true
max_age: 3600
Redesign deployment: only .env + docker-compose.yml needed on server Custom Docker images embed all config so production servers no longer need SQL files, kong.yml, or shell scripts. Kong generates config from env vars at startup. Migrate container auto-detects fresh vs existing DB and runs appropriate scripts. New images: monacousa-db, monacousa-kong, monacousa-migrate New commands: deploy.sh build-images, deploy.sh push-images Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-06 10:33:25 +01:00
- name: key-auth
config:
hide_credentials: false
- name: acl
config:
hide_groups_header: true
allow:
- admin
- anon
- name: meta
url: http://meta:8080/
routes:
- name: meta
strip_path: true
paths:
- /pg/
plugins:
- name: key-auth
config:
hide_credentials: false
- name: acl
config:
hide_groups_header: true
allow:
- admin