From d573846e5c7ecfe6179cdaa89412bf4524b8b862 Mon Sep 17 00:00:00 2001 From: echo Date: Tue, 24 Feb 2026 19:28:54 +0100 Subject: [PATCH] fix: configure CORS to allow frontend and PWA domains - Update backend main.ts to include www.placebo.mk in allowed origins - Add logging to show which origins are allowed - Set FRONTEND_URL, PWA_URL, STRAPI_URL env vars in docker-compose - This fixes 'No Access-Control-Allow-Origin header' CORS errors --- backend/src/main.ts | 6 +++++- docker-compose.coolify.yml | 5 +++-- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/backend/src/main.ts b/backend/src/main.ts index bb53919..20b8ab7 100644 --- a/backend/src/main.ts +++ b/backend/src/main.ts @@ -6,11 +6,15 @@ import { JwtAuthPublicGuard } from './modules/auth/jwt-auth-public.guard'; async function bootstrap() { const app = await NestFactory.create(AppModule); + // Build allowed origins list from environment variables const allowedOrigins = [ process.env.FRONTEND_URL ?? 'http://localhost:5173', + 'https://www.placebo.mk', // Also allow www subdomain process.env.PWA_URL ?? 'http://localhost:5174', process.env.STRAPI_URL ?? 'http://localhost:1337', - ]; + ].filter(Boolean); // Remove any undefined/null values + + console.log('CORS enabled for origins:', allowedOrigins); app.enableCors({ origin: allowedOrigins, diff --git a/docker-compose.coolify.yml b/docker-compose.coolify.yml index 824269a..87b868b 100644 --- a/docker-compose.coolify.yml +++ b/docker-compose.coolify.yml @@ -77,8 +77,9 @@ services: DATABASE_LOGGING: 'false' JWT_SECRET: ${JWT_SECRET} JWT_EXPIRATION: '86400' - CORS_ORIGIN: https://placebo.mk,https://www.placebo.mk,https://app.placebo.mk - STRAPI_URL: http://cms:1337 + FRONTEND_URL: https://placebo.mk + PWA_URL: https://app.placebo.mk + STRAPI_URL: https://cms.placebo.mk STRAPI_API_TOKEN: ${STRAPI_API_TOKEN} VAPID_SUBJECT: ${VAPID_SUBJECT:-mailto:contact@placebo.mk} VAPID_PUBLIC_KEY: ${VAPID_PUBLIC_KEY}