From 8ae181d321d9f33288151b3d11b89e5f3562d176 Mon Sep 17 00:00:00 2001 From: Hendra Manudinata Date: Wed, 27 May 2026 16:12:24 +0700 Subject: [PATCH 1/5] fix(yjs-server): Handle auth cookie under HTTPS --- apps/yjs-server/src/index.ts | 32 +++++++++++++++++--------------- 1 file changed, 17 insertions(+), 15 deletions(-) diff --git a/apps/yjs-server/src/index.ts b/apps/yjs-server/src/index.ts index 9d32015..9698c82 100644 --- a/apps/yjs-server/src/index.ts +++ b/apps/yjs-server/src/index.ts @@ -280,32 +280,34 @@ export const yjsServer = async () => { ], async onAuthenticate(data) { - const cookie = data.requestHeaders.cookie; + const cookieString = data.requestHeaders.cookie || ""; const cookies = ( - cookie !== "" + cookieString !== "" ? Object.fromEntries( - cookie! + cookieString .split("; ") - .map((v) => v.split(/=(.*)/s).map(decodeURIComponent)), + .map((v) => v.split(/=(.*)/s).map(decodeURIComponent)) ) : {} - ) as { "authjs.session-token"?: string }; + ) as { + "authjs.session-token"?: string; + "__Secure-authjs.session-token"?: string; + }; - if ( - !cookies["authjs.session-token"] || - cookies["authjs.session-token"] === "" - ) + const token = cookies["authjs.session-token"] || cookies["__Secure-authjs.session-token"]; + + if (!token || token === "") { throw new Error("Unauthorized"); + } - const token = cookies["authjs.session-token"]; + const session = await db.query.sessions.findFirst({ + where: eq(schema.sessions.sessionToken, token), + }); - if ( - !(await db.query.sessions.findFirst({ - where: eq(schema.sessions.sessionToken, token), - })) - ) + if (!session) { throw new Error("You aint logged in bruv"); + } }, }); From c0c4426c3551ca8b5d0b7d713c07e035a51c5e73 Mon Sep 17 00:00:00 2001 From: Hendra Manudinata Date: Wed, 27 May 2026 16:13:07 +0700 Subject: [PATCH 2/5] fix(docker-compose): correct yjs docker image --- docker-compose.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yaml b/docker-compose.yaml index 491e119..e25f23e 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -69,7 +69,7 @@ services: yjs: container_name: enpitsu_yjs_server - image: rmecha/enpitsu-yjs-server:main + image: rmecha/enpitsu-yjs:main restart: always depends_on: web: From 03c7791ef7286e5251e045f1b091dddadaaff2f7 Mon Sep 17 00:00:00 2001 From: Hendra Manudinata Date: Wed, 27 May 2026 16:14:59 +0700 Subject: [PATCH 3/5] fix(docker-compose): Add container_name to all services --- docker-compose.yaml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/docker-compose.yaml b/docker-compose.yaml index e25f23e..bdb2de1 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -1,5 +1,6 @@ services: db: + container_name: enpitsu_db image: postgres:16 restart: always healthcheck: @@ -18,6 +19,7 @@ services: - 5432:5432 cache: + container_name: enpitsu_redis image: redis:6.2-alpine healthcheck: test: ["CMD", "redis-cli", "--raw", "incr", "ping"] @@ -85,6 +87,7 @@ services: # - chibisafe: Chibisafe Web Interface # - chibisafe_server: Chibisafe Server sfs: + container_name: enpitsu_chibisafe_sfs image: halverneus/static-file-server:v1.8.3 ports: - "8002:8080" @@ -96,6 +99,7 @@ services: restart: unless-stopped chibisafe: + container_name: enpitsu_chibisafe image: chibisafe/chibisafe:latest environment: - BASE_API_URL=http://chibisafe_server:8000 @@ -106,6 +110,7 @@ services: restart: unless-stopped chibisafe_server: + container_name: enpitsu_chibisafe_server image: chibisafe/chibisafe-server:latest volumes: - chibisafe_db:/app/database:rw From 9693ba0202f383b0833afcd81bc98d5f245fd661 Mon Sep 17 00:00:00 2001 From: Hendra Manudinata Date: Wed, 27 May 2026 16:16:33 +0700 Subject: [PATCH 4/5] feat(docker-compose): use COMPOSE_PROFILE to enable Chibisafe --- .env.docker.example | 3 +++ docker-compose.yaml | 6 ++++++ 2 files changed, 9 insertions(+) diff --git a/.env.docker.example b/.env.docker.example index 245048e..7bc05a1 100644 --- a/.env.docker.example +++ b/.env.docker.example @@ -6,3 +6,6 @@ ENPITSU_CORS_ORIGIN="" ENPITSU_SPECIAL_ADMIN_USERS="" ENPITSU_RUNNING_EDITION="" ENPITSU_YJS_SERVER="" + +# Set this to "files" to enable Chibisafe +COMPOSE_PROFILE="" \ No newline at end of file diff --git a/docker-compose.yaml b/docker-compose.yaml index bdb2de1..d916e3b 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -89,6 +89,8 @@ services: sfs: container_name: enpitsu_chibisafe_sfs image: halverneus/static-file-server:v1.8.3 + profiles: + - files ports: - "8002:8080" volumes: @@ -101,6 +103,8 @@ services: chibisafe: container_name: enpitsu_chibisafe image: chibisafe/chibisafe:latest + profiles: + - files environment: - BASE_API_URL=http://chibisafe_server:8000 expose: @@ -112,6 +116,8 @@ services: chibisafe_server: container_name: enpitsu_chibisafe_server image: chibisafe/chibisafe-server:latest + profiles: + - files volumes: - chibisafe_db:/app/database:rw - chibisafe_uploads:/app/uploads:rw From faad583c78568cbb0ce6cf0c0a4a116b32b6ea96 Mon Sep 17 00:00:00 2001 From: Hendra Manudinata Date: Wed, 27 May 2026 16:18:19 +0700 Subject: [PATCH 5/5] feat(docker-compose): Add Nginx Proxy Manager --- docker-compose.yaml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/docker-compose.yaml b/docker-compose.yaml index d916e3b..915eb2d 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -128,6 +128,24 @@ services: - 8000:8000 restart: unless-stopped + # Nginx + nginx: + image: 'jc21/nginx-proxy-manager:latest' + container_name: enpitsu_nginx + restart: unless-stopped + + ports: + - '8080:80' + - '4433:443' + - '8181:81' + + environment: + TZ: "Asia/Jakarta" + + volumes: + - nginx_data:/data + - nginx_letsencrypt:/etc/letsencrypt + volumes: db: cache: @@ -135,3 +153,5 @@ volumes: chibisafe_db: chibisafe_uploads: chibisafe_logs: + nginx_data: + nginx_letsencrypt: