ahmed-bakr1988/SaaS-PDF
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add Plausible and Google Site Verification support to environment configuration and update Content Security Policy in Nginx configurations

Browse Source
This commit is contained in:
Your Name
2026-03-10 12:08:20 +02:00
parent a388b448c8
commit 75e11df5fb
5 changed files with 21 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

BIN
backend/celerybeat-schedule
View File

Binary file not shown.

6
docker-compose.prod.yml
View File

@@ -103,11 +103,17 @@ services:
target: build
environment:
- VITE_GA_MEASUREMENT_ID=${VITE_GA_MEASUREMENT_ID:-}
- VITE_PLAUSIBLE_DOMAIN=${VITE_PLAUSIBLE_DOMAIN:-}
- VITE_PLAUSIBLE_SRC=${VITE_PLAUSIBLE_SRC:-https://plausible.io/js/script.js}
- VITE_GOOGLE_SITE_VERIFICATION=${VITE_GOOGLE_SITE_VERIFICATION:-}
- VITE_ADSENSE_CLIENT_ID=${VITE_ADSENSE_CLIENT_ID:-}
- VITE_ADSENSE_SLOT_HOME_TOP=${VITE_ADSENSE_SLOT_HOME_TOP:-}
- VITE_ADSENSE_SLOT_HOME_BOTTOM=${VITE_ADSENSE_SLOT_HOME_BOTTOM:-}
- VITE_ADSENSE_SLOT_TOP_BANNER=${VITE_ADSENSE_SLOT_TOP_BANNER:-}
- VITE_ADSENSE_SLOT_BOTTOM_BANNER=${VITE_ADSENSE_SLOT_BOTTOM_BANNER:-}
- VITE_FEATURE_EDITOR=${VITE_FEATURE_EDITOR:-true}
- VITE_FEATURE_OCR=${VITE_FEATURE_OCR:-true}
- VITE_FEATURE_REMOVEBG=${VITE_FEATURE_REMOVEBG:-true}
volumes:
- frontend_build:/app/dist

6
docker-compose.yml
View File

@@ -103,11 +103,17 @@ services:
environment:
- NODE_ENV=development
- VITE_GA_MEASUREMENT_ID=${VITE_GA_MEASUREMENT_ID:-}
- VITE_PLAUSIBLE_DOMAIN=${VITE_PLAUSIBLE_DOMAIN:-}
- VITE_PLAUSIBLE_SRC=${VITE_PLAUSIBLE_SRC:-https://plausible.io/js/script.js}
- VITE_GOOGLE_SITE_VERIFICATION=${VITE_GOOGLE_SITE_VERIFICATION:-}
- VITE_ADSENSE_CLIENT_ID=${VITE_ADSENSE_CLIENT_ID:-}
- VITE_ADSENSE_SLOT_HOME_TOP=${VITE_ADSENSE_SLOT_HOME_TOP:-}
- VITE_ADSENSE_SLOT_HOME_BOTTOM=${VITE_ADSENSE_SLOT_HOME_BOTTOM:-}
- VITE_ADSENSE_SLOT_TOP_BANNER=${VITE_ADSENSE_SLOT_TOP_BANNER:-}
- VITE_ADSENSE_SLOT_BOTTOM_BANNER=${VITE_ADSENSE_SLOT_BOTTOM_BANNER:-}
- VITE_FEATURE_EDITOR=${VITE_FEATURE_EDITOR:-true}
- VITE_FEATURE_OCR=${VITE_FEATURE_OCR:-true}
- VITE_FEATURE_REMOVEBG=${VITE_FEATURE_REMOVEBG:-true}
# --- Nginx Reverse Proxy ---
nginx:

2
nginx/nginx.conf
View File

@@ -17,7 +17,7 @@ server {
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Permissions-Policy "camera=(), microphone=(), geolocation=()" always;
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: blob: https://pagead2.googlesyndication.com https://www.google-analytics.com; connect-src 'self' https://www.google-analytics.com https://pagead2.googlesyndication.com; frame-src https://googleads.g.doubleclick.net https://tpc.googlesyndication.com; frame-ancestors 'self'" always;
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.google-analytics.com https://plausible.io; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: blob: https://pagead2.googlesyndication.com https://www.google-analytics.com; connect-src 'self' https://www.google-analytics.com https://pagead2.googlesyndication.com https://plausible.io; frame-src https://googleads.g.doubleclick.net https://tpc.googlesyndication.com; frame-ancestors 'self'" always;
# API requests → Flask backend
location /api/ {

9
nginx/nginx.prod.conf
View File

@@ -30,7 +30,14 @@ server {
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Permissions-Policy "camera=(), microphone=(), geolocation=()" always;
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: blob: https://pagead2.googlesyndication.com https://www.google-analytics.com; connect-src 'self' https://www.google-analytics.com https://pagead2.googlesyndication.com; frame-src https://googleads.g.doubleclick.net https://tpc.googlesyndication.com; frame-ancestors 'self'" always;
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' https://pagead2.googlesyndication.com https://www.googletagmanager.com https://www.google-analytics.com https://plausible.io; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com; img-src 'self' data: blob: https://pagead2.googlesyndication.com https://www.google-analytics.com; connect-src 'self' https://www.google-analytics.com https://pagead2.googlesyndication.com https://plausible.io; frame-src https://googleads.g.doubleclick.net https://tpc.googlesyndication.com; frame-ancestors 'self'" always;
# SEO files — no cache, always fresh
location ~* ^/(sitemap\.xml|robots\.txt|llms\.txt|humans\.txt)$ {
root /usr/share/nginx/html;
expires 1d;
add_header Cache-Control "public, must-revalidate";
}
# Gzip
gzip on;