From 9e253a2d094c6c356517b0494300c71b1fe7c159 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Thu, 4 Sep 2025 13:45:57 +0200 Subject: [PATCH] Bluesky: Patch hardcoded IPCC_URL and proxy /ipcc - Added Ansible replace task to override IPCC_URL in geolocation.tsx to same-origin '/ipcc' - Extended Nginx extra_locations.conf to proxy /ipcc requests to https://bsky.app/ipcc - Ensures frontend avoids CORS errors when fetching IP geolocation See: https://chatgpt.com/share/68b97be3-0278-800f-9ee0-94389ca3ac0c --- roles/web-app-bluesky/tasks/02_social_app.yml | 9 +++++++++ .../templates/extra_locations.conf.j2 | 15 ++++++++++++++- 2 files changed, 23 insertions(+), 1 deletion(-) diff --git a/roles/web-app-bluesky/tasks/02_social_app.yml b/roles/web-app-bluesky/tasks/02_social_app.yml index d3e11800..518a498c 100644 --- a/roles/web-app-bluesky/tasks/02_social_app.yml +++ b/roles/web-app-bluesky/tasks/02_social_app.yml @@ -16,3 +16,12 @@ notify: - docker compose build - docker compose up + +- name: Force IPCC_URL to same-origin /ipcc + ansible.builtin.replace: + path: "{{ BLUESKY_SOCIAL_APP_DIR }}/src/state/geolocation.tsx" + regexp: '^\s*const\s+IPCC_URL\s*=\s*.*$' + replace: "const IPCC_URL = '/ipcc'" + notify: + - docker compose build + - docker compose up diff --git a/roles/web-app-bluesky/templates/extra_locations.conf.j2 b/roles/web-app-bluesky/templates/extra_locations.conf.j2 index 11d41cfd..2c14937e 100644 --- a/roles/web-app-bluesky/templates/extra_locations.conf.j2 +++ b/roles/web-app-bluesky/templates/extra_locations.conf.j2 @@ -13,4 +13,17 @@ location = /config { proxy_hide_header Access-Control-Allow-Origin; add_header Access-Control-Allow-Origin $scheme://$host always; add_header Vary Origin always; -} \ No newline at end of file +} + +location = /ipcc { + proxy_pass https://bsky.app/ipcc; + set $up_host "bsky.app"; + proxy_set_header Host $up_host; + proxy_http_version 1.1; + proxy_set_header Connection ""; + proxy_ssl_server_name on; + + proxy_hide_header Access-Control-Allow-Origin; + add_header Access-Control-Allow-Origin $scheme://$host always; + add_header Vary Origin always; +}