updates

2025-11-24 16:47:37 +02:00
parent d7ff5c71e6
commit 0b1cabcfaf
45 changed files with 2021 additions and 28 deletions
--- a/backEnd/nginx.conf.example
+++ b/backEnd/nginx.conf.example
@@ -2,9 +2,12 @@
 # This configuration shows how to set up nginx as a reverse proxy
 # to secure the Django API backend

-# Generate a secure API key for INTERNAL_API_KEY:
-# python -c "import secrets; print(secrets.token_urlsafe(32))"
-# Add this key to your Django .env file as INTERNAL_API_KEY
+# API Key Configuration:
+# - In DEBUG mode, Django will auto-generate a secure API key if not set
+# - To get the current API key, run: python manage.py show_api_key
+# - Add the key to your Django .env file as INTERNAL_API_KEY
+# - Use the same key in this nginx config (see line 69)
+# - In production, you MUST set INTERNAL_API_KEY explicitly in .env

 upstream django_backend {
    # Django backend running on internal network only
@@ -66,6 +69,8 @@ server {
        
        # Add custom header to prove request came through nginx
        # This value must match INTERNAL_API_KEY in Django settings
+        # Get the current key with: python manage.py show_api_key
+        # In development, Django auto-generates this key if not set
        set $api_key "YOUR_SECURE_API_KEY_HERE";
        proxy_set_header X-Internal-API-Key $api_key;
        
@@ -123,6 +128,7 @@ server {
        # deny all;
        
        # Same proxy settings as /api/
+        # Use the same API key as /api/ location above
        set $api_key "YOUR_SECURE_API_KEY_HERE";
        proxy_set_header X-Internal-API-Key $api_key;
        proxy_set_header Host $host;