fix cert and image display issues
This commit is contained in:
@@ -9,13 +9,39 @@
|
||||
# - Frontend accessible on https://localhost (port 443)
|
||||
# - Backend API on http://localhost:3001
|
||||
# - Port 80 redirects to HTTPS
|
||||
#
|
||||
# IMPORTANT: Dual Hostname Configuration (localhost AND 127.0.0.1)
|
||||
# ============================================================================
|
||||
# The server_name directive includes BOTH 'localhost' and '127.0.0.1' to
|
||||
# prevent SSL certificate errors when resources use different hostnames.
|
||||
#
|
||||
# Problem Scenario:
|
||||
# 1. User accesses site via https://localhost/
|
||||
# 2. Database stores image URLs as https://127.0.0.1/flyer-images/...
|
||||
# 3. Browser treats these as different origins, showing ERR_CERT_AUTHORITY_INVALID
|
||||
#
|
||||
# Solution:
|
||||
# - mkcert generates certificates valid for: localhost, 127.0.0.1, ::1
|
||||
# - NGINX accepts requests to BOTH hostnames using the same certificate
|
||||
# - Users can access via either hostname without SSL warnings
|
||||
#
|
||||
# The self-signed certificate is generated in Dockerfile.dev with:
|
||||
# mkcert localhost 127.0.0.1 ::1
|
||||
#
|
||||
# This creates a certificate with Subject Alternative Names (SANs) for all
|
||||
# three hostnames, allowing NGINX to serve valid HTTPS for each.
|
||||
#
|
||||
# See also:
|
||||
# - Dockerfile.dev (certificate generation, ~line 69)
|
||||
# - docs/FLYER-URL-CONFIGURATION.md (URL configuration details)
|
||||
# - docs/development/DEBUGGING.md (SSL troubleshooting)
|
||||
# ============================================================================
|
||||
|
||||
# HTTPS Server (main)
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
server_name localhost;
|
||||
server_name localhost 127.0.0.1;
|
||||
|
||||
# SSL Configuration (self-signed certificates from mkcert)
|
||||
ssl_certificate /app/certs/localhost.crt;
|
||||
@@ -80,7 +106,7 @@ server {
|
||||
server {
|
||||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name localhost;
|
||||
server_name localhost 127.0.0.1;
|
||||
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user