Sanitize envs, optimize Dockerfile, Turnstile
Redact sensitive AWS keys in backend/.env.example and add VITE_TURNSTILE_SITE_KEY and VITE_USE_TURNSTILE to frontend/.env.example. Optimize backend Dockerfile by installing Python requirements immediately after copying requirements.txt (enables Docker cache) and remove the duplicate later install. Update turnstile verification to skip checks when USE_SSL is disabled (dev/non-HTTPS) and keep the existing no-secret bypass; add debug logging for the SSL bypass.
This commit is contained in:
David Bruno Vontor
@@ -18,6 +18,8 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
COPY requirements.txt .
|
||||
RUN pip install --no-cache-dir -r requirements.txt
|
||||
|
||||
COPY . .
|
||||
|
||||
# Trust Windows/corporate root CAs if present (optional, no-op when certs/ is absent)
|
||||
@@ -26,6 +28,4 @@ RUN test -f certs/windows-ca-bundle.crt \
|
||||
&& update-ca-certificates \
|
||||
|| true
|
||||
|
||||
RUN pip install --no-cache-dir -r requirements.txt
|
||||
|
||||
EXPOSE 8000
|
||||
|
||||
Reference in New Issue
Block a user