Commit Graph

41 Commits

Author SHA1 Message Date
Rory Powell 786039055e File authentication using presigned URLs (#8883)
* file auth wip

* Private plugin bucket wip

* Add etag to logo request, fix circular dependency

* Resolve cyclic dependency

* Ensure browser doesn't cache custom component

* Global file fixes

* File fixes / remove permaUrl

* Add ctx local storage

* Enable presigned url to work from any host

* Test fix

* Self hosting w/ S3 + other fixes

* Fix for serving dev app in multi tenant

* Fix backup restore and import attachment url processing, never store attachment urls

* Test fixes

* Unit tests WIP

* Replace file path with base64 encoded private key

* Multi tenancy tests for files

* Environment files fixes

* Post-merge build and test fixes

* Add debug conditional to all jest logging and revert/fix prod minio proxy_pass

* Re-add default '/' minio route :(

* Rename iconFile -> iconFileName

* Add cloudfront vars to k8s templates

* Remove public bucket policy

* Remove duplicated test
2022-12-15 11:35:22 +00:00
mike12345567 cfbed0b236 Merge branch 'master' of github.com:Budibase/budibase into develop 2022-11-21 15:05:48 +00:00
mike12345567 d2f8a59b65 Updating proxy configuration for docker-compose, k8s and single image to allow longer timeout for app export requests. Also fixing an issue that blocked requests from getting to app-service. 2022-11-15 10:49:17 +00:00
Rory Powell 6783fd713e Update tenancy detection to honour any subdomain pattern according to platform url 2022-11-09 16:35:16 +00:00
mike12345567 ecb398bf98 Merge branch 'master' of github.com:Budibase/budibase into develop 2022-11-09 13:41:51 +00:00
mike12345567 62f65d3c16 Updating nginx conf to allow export a lot longer period before timeout. 2022-11-09 11:33:57 +00:00
Rory Powell a6157e2c45 Add budibase.net to CSP 2022-11-08 10:26:28 +00:00
mike12345567 6d72e51d16 Some fixes for CLI to get exporting/importing with different ports working, as well as a fix for access to minio through proxy. 2022-10-26 18:51:58 +01:00
Andrew Kingston be15aff40f Merge branch 'develop' of github.com:Budibase/budibase into plugins-dev-experience-websocket 2022-09-12 20:00:32 +01:00
Andrew Kingston 2e72eb4f2e Merge branch 'plugins-dev-experience' of github.com:Budibase/budibase into plugins-dev-experience-websocket 2022-09-07 12:07:25 +01:00
Andrew Kingston 0bc7ffe0a1 Update preview endpoint to be prefixed with /app to not require an updated proxy config 2022-09-07 10:40:00 +01:00
Rory Powell 5a34bda3e2 Configurable api rate limit through nginx 2022-09-05 09:54:07 +01:00
Rory Powell 6cee01ed74 Merge pull request #7622 from Budibase/configurable-api-rate-limit
Configurable api rate limit through nginx
2022-09-05 09:51:09 +01:00
Rory Powell dc35b0da78 Configurable api rate limit through nginx 2022-09-05 09:09:43 +01:00
Andrew Kingston a794e19dfc Update nginx confs and add to single image 2022-09-02 12:26:30 +01:00
Martin McKeaveney 02c93071ee merge 2022-08-30 10:33:37 +01:00
Rory Powell 50ae706953 Update NGINX access log to show upstream_response_time, proxy_host and upstream_addr 2022-08-26 13:18:38 +01:00
Andrew Kingston a4684b8ac4 Add preview endpoint to prod nginx conf 2022-08-23 08:50:36 +01:00
Rory Powell c94d916050 Add seperate rate limiting config for webhooks + environment variable support 2022-08-05 17:41:55 +01:00
Peter Clement 2b117a1a35 update csp to account for certain s3 addresses 2022-06-07 11:03:33 +01:00
Kacper eab84b4c63 Content Security Policy fix for S3 upload
CSP allows wildcard only at first element of FQDN, so policy `*.s3.*.amazonaws.com` is invalid cause it contains second wildcard in the middle of FQDN.

nginx.prod.conf.hbs is not parsed by real handlebarsJS but manual way with regex and replacements. It's impossible to use `{{#each}}` so I've hardcoded all regions available for S3 basing on documentation under: https://docs.aws.amazon.com/general/latest/gr/s3.html
2022-05-05 22:26:57 +02:00
Martin McKeaveney 70fce03c09 updating helm chart for storage classes 2022-04-27 12:42:57 +01:00
Rory Powell 9e7cec7c01 Merge branch 'develop' into labday/nginx-error-page 2022-04-25 16:30:24 +01:00
Martin McKeaveney 2050645d80 fix CSP variables 2022-04-04 15:22:31 +01:00
Rory Powell 5d2205a9bb Add static html error page to nginx for 502, 503, 504 2022-03-31 15:58:45 +01:00
Martin McKeaveney c86daa60c8 adding string interpolation syntax in NGINX 2022-03-31 12:13:42 +01:00
Martin McKeaveney f786701c7a adding intercom kit to CSP, and variables 2022-03-31 12:09:55 +01:00
Andrew Kingston cd84bd3f54 Allow data URI's for image sources and font sources 2022-03-28 16:08:25 +01:00
Rory Powell 5851525c88 Merge branch 'master' into fix/cross-tenant-apps-with-session 2022-03-23 16:45:36 +00:00
Rory Powell a68abf2730 Fix cross tenant apps with session 2022-03-23 16:45:06 +00:00
Martin McKeaveney e2d9811474 increasing client max body size for uploads 2022-03-21 15:24:39 +00:00
Martin McKeaveney 14cffcd6ff merge 2022-03-08 12:40:41 +01:00
Martin McKeaveney 975eb0b99e merge from master 2022-03-08 12:34:27 +01:00
mike12345567 63bb4f34c4 Merge branch 'master' of github.com:Budibase/budibase into develop 2022-03-04 11:25:32 +00:00
Martin McKeaveney 81f34a50fa allowing iframes from HTTPS URLs 2022-03-02 22:43:41 +01:00
Martin McKeaveney 1cbca0578a removing need for handlebars in nginx script, automating proxy service deployment 2022-02-22 13:24:21 +01:00
Rory Powell 0f3df713d0 Replace location specific with global http host rule 2022-02-21 10:46:45 +00:00
Rory Powell bd73f8fd25 Forward Host header to worker and server through NGINX 2022-02-21 10:22:26 +00:00
Martin McKeaveney b259bcc9b6 updated CSP to allow font awesome 2022-02-16 16:54:15 +01:00
Martin McKeaveney a7a82dc679 adding k8s resolver and updating watchtower variable 2022-02-16 15:33:57 +01:00
Martin McKeaveney a85f667dbe templatize nginx configuration into one prod configuration and add NPM scripts to manage 2022-02-16 14:12:53 +01:00