ClassroomCopilot/supabase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(kong): persist Supabase CORS config

Browse Source
This commit is contained in:
kcar 2026-05-27 16:51:28 +01:00
parent b758b40d85
commit bc674ea696
1 changed files with 371 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

378
volumes/api/kong.yml
View File

@ -44,6 +44,41 @@ services:
- /auth/v1/verify
plugins:
- name: cors
config:
origins:
- "https://app.classroomcopilot.ai"
- "https://api.classroomcopilot.ai"
- "http://192.168.0.74"
- "http://localhost:3000" # keep for local dev if needed
- "http://localhost:5173" # vite default
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
- HEAD
headers:
- Accept
- Accept-Profile
- Authorization
- Content-Type
- Content-Profile
- X-Client-Info
- X-Supabase-Api-Version
- apikey
- Prefer
- Range
- Range-Unit
- X-Requested-With
exposed_headers:
- Content-Range
- Content-Profile
- X-Total-Count
credentials: true
max_age: 3600
preflight_continue: false
- name: auth-v1-open-callback
url: http://auth:9999/callback
routes:
@ -53,6 +88,41 @@ services:
- /auth/v1/callback
plugins:
- name: cors
config:
origins:
- "https://app.classroomcopilot.ai"
- "https://api.classroomcopilot.ai"
- "http://192.168.0.74"
- "http://localhost:3000" # keep for local dev if needed
- "http://localhost:5173" # vite default
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
- HEAD
headers:
- Accept
- Accept-Profile
- Authorization
- Content-Type
- Content-Profile
- X-Client-Info
- X-Supabase-Api-Version
- apikey
- Prefer
- Range
- Range-Unit
- X-Requested-With
exposed_headers:
- Content-Range
- Content-Profile
- X-Total-Count
credentials: true
max_age: 3600
preflight_continue: false
- name: auth-v1-open-authorize
url: http://auth:9999/authorize
routes:
@ -62,7 +132,41 @@ services:
- /auth/v1/authorize
plugins:
- name: cors
config:
origins:
- "https://app.classroomcopilot.ai"
- "https://api.classroomcopilot.ai"
- "http://192.168.0.74"
- "http://localhost:3000" # keep for local dev if needed
- "http://localhost:5173" # vite default
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
- HEAD
headers:
- Accept
- Accept-Profile
- Authorization
- Content-Type
- Content-Profile
- X-Client-Info
- X-Supabase-Api-Version
- apikey
- Prefer
- Range
- Range-Unit
- X-Requested-With
exposed_headers:
- Content-Range
- Content-Profile
- X-Total-Count
credentials: true
max_age: 3600
preflight_continue: false
## Secure Auth routes
- name: auth-v1
_comment: 'GoTrue: /auth/v1/* -> http://auth:9999/*'
@ -74,6 +178,41 @@ services:
- /auth/v1/
plugins:
- name: cors
config:
origins:
- "https://app.classroomcopilot.ai"
- "https://api.classroomcopilot.ai"
- "http://192.168.0.74"
- "http://localhost:3000" # keep for local dev if needed
- "http://localhost:5173" # vite default
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
- HEAD
headers:
- Accept
- Accept-Profile
- Authorization
- Content-Type
- Content-Profile
- X-Client-Info
- X-Supabase-Api-Version
- apikey
- Prefer
- Range
- Range-Unit
- X-Requested-With
exposed_headers:
- Content-Range
- Content-Profile
- X-Total-Count
credentials: true
max_age: 3600
preflight_continue: false
- name: key-auth
config:
hide_credentials: false
@ -95,6 +234,41 @@ services:
- /rest/v1/
plugins:
- name: cors
config:
origins:
- "https://app.classroomcopilot.ai"
- "https://api.classroomcopilot.ai"
- "http://192.168.0.74"
- "http://localhost:3000" # keep for local dev if needed
- "http://localhost:5173" # vite default
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
- HEAD
headers:
- Accept
- Accept-Profile
- Authorization
- Content-Type
- Content-Profile
- X-Client-Info
- X-Supabase-Api-Version
- apikey
- Prefer
- Range
- Range-Unit
- X-Requested-With
exposed_headers:
- Content-Range
- Content-Profile
- X-Total-Count
credentials: true
max_age: 3600
preflight_continue: false
- name: key-auth
config:
hide_credentials: true
@ -116,6 +290,41 @@ services:
- /graphql/v1
plugins:
- name: cors
config:
origins:
- "https://app.classroomcopilot.ai"
- "https://api.classroomcopilot.ai"
- "http://192.168.0.74"
- "http://localhost:3000" # keep for local dev if needed
- "http://localhost:5173" # vite default
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
- HEAD
headers:
- Accept
- Accept-Profile
- Authorization
- Content-Type
- Content-Profile
- X-Client-Info
- X-Supabase-Api-Version
- apikey
- Prefer
- Range
- Range-Unit
- X-Requested-With
exposed_headers:
- Content-Range
- Content-Profile
- X-Total-Count
credentials: true
max_age: 3600
preflight_continue: false
- name: key-auth
config:
hide_credentials: true
@ -143,6 +352,41 @@ services:
- /realtime/v1/
plugins:
- name: cors
config:
origins:
- "https://app.classroomcopilot.ai"
- "https://api.classroomcopilot.ai"
- "http://192.168.0.74"
- "http://localhost:3000" # keep for local dev if needed
- "http://localhost:5173" # vite default
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
- HEAD
headers:
- Accept
- Accept-Profile
- Authorization
- Content-Type
- Content-Profile
- X-Client-Info
- X-Supabase-Api-Version
- apikey
- Prefer
- Range
- Range-Unit
- X-Requested-With
exposed_headers:
- Content-Range
- Content-Profile
- X-Total-Count
credentials: true
max_age: 3600
preflight_continue: false
- name: key-auth
config:
hide_credentials: false
@ -163,6 +407,41 @@ services:
- /realtime/v1/api
plugins:
- name: cors
config:
origins:
- "https://app.classroomcopilot.ai"
- "https://api.classroomcopilot.ai"
- "http://192.168.0.74"
- "http://localhost:3000" # keep for local dev if needed
- "http://localhost:5173" # vite default
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
- HEAD
headers:
- Accept
- Accept-Profile
- Authorization
- Content-Type
- Content-Profile
- X-Client-Info
- X-Supabase-Api-Version
- apikey
- Prefer
- Range
- Range-Unit
- X-Requested-With
exposed_headers:
- Content-Range
- Content-Profile
- X-Total-Count
credentials: true
max_age: 3600
preflight_continue: false
- name: key-auth
config:
hide_credentials: false
@ -183,7 +462,42 @@ services:
- /storage/v1/
plugins:
- name: cors
config:
origins:
- "https://app.classroomcopilot.ai"
- "https://api.classroomcopilot.ai"
- "http://192.168.0.74"
- "http://localhost:3000" # keep for local dev if needed
- "http://localhost:5173" # vite default
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
- HEAD
headers:
- Accept
- Accept-Profile
- Authorization
- Content-Type
- Content-Profile
- X-Client-Info
- X-Supabase-Api-Version
- apikey
- Prefer
- Range
- Range-Unit
- X-Requested-With
- x-upsert
exposed_headers:
- Content-Range
- Content-Profile
- X-Total-Count
credentials: true
max_age: 3600
preflight_continue: false
## Edge Functions routes
- name: functions-v1
_comment: 'Edge Functions: /functions/v1/* -> http://functions:9000/*'
@ -195,7 +509,41 @@ services:
- /functions/v1/
plugins:
- name: cors
config:
origins:
- "https://app.classroomcopilot.ai"
- "https://api.classroomcopilot.ai"
- "http://192.168.0.74"
- "http://localhost:3000" # keep for local dev if needed
- "http://localhost:5173" # vite default
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
- HEAD
headers:
- Accept
- Accept-Profile
- Authorization
- Content-Type
- Content-Profile
- X-Client-Info
- X-Supabase-Api-Version
- apikey
- Prefer
- Range
- Range-Unit
- X-Requested-With
exposed_headers:
- Content-Range
- Content-Profile
- X-Total-Count
credentials: true
max_age: 3600
preflight_continue: false
## Analytics routes
- name: analytics-v1
_comment: 'Analytics: /analytics/v1/* -> http://logflare:4000/*'
@ -243,25 +591,41 @@ services:
- name: cors
config:
origins:
- "http://localhost:3000"
- "http://127.0.0.1:3000"
- "https://app.classroomcopilot.ai"
- "https://api.classroomcopilot.ai"
- "http://192.168.0.74"
- "http://localhost:3000" # keep for local dev if needed
- "http://localhost:5173" # vite default
- "http://192.168.0.94:50001"
- "http://192.168.0.74"
methods:
- GET
- POST
- PUT
- PATCH
- DELETE
- OPTIONS
- HEAD
headers:
- Accept
- Accept-Profile
- Authorization
- Content-Type
- Content-Profile
- X-Client-Info
- X-Supabase-Api-Version
- apikey
- Mcp-Session-Id
- Prefer
- Range
- Range-Unit
- X-Requested-With
exposed_headers:
- Mcp-Session-Id
- Content-Range
- Content-Profile
- X-Total-Count
credentials: true
max_age: 3600
preflight_continue: false
## Protected Dashboard - catch all remaining routes
#- name: dashboard