diff --git a/.env.docker.example b/.env.docker.example index 245048e..7bc05a1 100644 --- a/.env.docker.example +++ b/.env.docker.example @@ -6,3 +6,6 @@ ENPITSU_CORS_ORIGIN="" ENPITSU_SPECIAL_ADMIN_USERS="" ENPITSU_RUNNING_EDITION="" ENPITSU_YJS_SERVER="" + +# Set this to "files" to enable Chibisafe +COMPOSE_PROFILE="" \ No newline at end of file diff --git a/apps/yjs-server/src/index.ts b/apps/yjs-server/src/index.ts index 9d32015..9698c82 100644 --- a/apps/yjs-server/src/index.ts +++ b/apps/yjs-server/src/index.ts @@ -280,32 +280,34 @@ export const yjsServer = async () => { ], async onAuthenticate(data) { - const cookie = data.requestHeaders.cookie; + const cookieString = data.requestHeaders.cookie || ""; const cookies = ( - cookie !== "" + cookieString !== "" ? Object.fromEntries( - cookie! + cookieString .split("; ") - .map((v) => v.split(/=(.*)/s).map(decodeURIComponent)), + .map((v) => v.split(/=(.*)/s).map(decodeURIComponent)) ) : {} - ) as { "authjs.session-token"?: string }; + ) as { + "authjs.session-token"?: string; + "__Secure-authjs.session-token"?: string; + }; - if ( - !cookies["authjs.session-token"] || - cookies["authjs.session-token"] === "" - ) + const token = cookies["authjs.session-token"] || cookies["__Secure-authjs.session-token"]; + + if (!token || token === "") { throw new Error("Unauthorized"); + } - const token = cookies["authjs.session-token"]; + const session = await db.query.sessions.findFirst({ + where: eq(schema.sessions.sessionToken, token), + }); - if ( - !(await db.query.sessions.findFirst({ - where: eq(schema.sessions.sessionToken, token), - })) - ) + if (!session) { throw new Error("You aint logged in bruv"); + } }, }); diff --git a/docker-compose.yaml b/docker-compose.yaml index 491e119..915eb2d 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -1,5 +1,6 @@ services: db: + container_name: enpitsu_db image: postgres:16 restart: always healthcheck: @@ -18,6 +19,7 @@ services: - 5432:5432 cache: + container_name: enpitsu_redis image: redis:6.2-alpine healthcheck: test: ["CMD", "redis-cli", "--raw", "incr", "ping"] @@ -69,7 +71,7 @@ services: yjs: container_name: enpitsu_yjs_server - image: rmecha/enpitsu-yjs-server:main + image: rmecha/enpitsu-yjs:main restart: always depends_on: web: @@ -85,7 +87,10 @@ services: # - chibisafe: Chibisafe Web Interface # - chibisafe_server: Chibisafe Server sfs: + container_name: enpitsu_chibisafe_sfs image: halverneus/static-file-server:v1.8.3 + profiles: + - files ports: - "8002:8080" volumes: @@ -96,7 +101,10 @@ services: restart: unless-stopped chibisafe: + container_name: enpitsu_chibisafe image: chibisafe/chibisafe:latest + profiles: + - files environment: - BASE_API_URL=http://chibisafe_server:8000 expose: @@ -106,7 +114,10 @@ services: restart: unless-stopped chibisafe_server: + container_name: enpitsu_chibisafe_server image: chibisafe/chibisafe-server:latest + profiles: + - files volumes: - chibisafe_db:/app/database:rw - chibisafe_uploads:/app/uploads:rw @@ -117,6 +128,24 @@ services: - 8000:8000 restart: unless-stopped + # Nginx + nginx: + image: 'jc21/nginx-proxy-manager:latest' + container_name: enpitsu_nginx + restart: unless-stopped + + ports: + - '8080:80' + - '4433:443' + - '8181:81' + + environment: + TZ: "Asia/Jakarta" + + volumes: + - nginx_data:/data + - nginx_letsencrypt:/etc/letsencrypt + volumes: db: cache: @@ -124,3 +153,5 @@ volumes: chibisafe_db: chibisafe_uploads: chibisafe_logs: + nginx_data: + nginx_letsencrypt: