gnx/GNX-WEB
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

updates

Browse Source
This commit is contained in:
Iliyan Angelov
2025-12-10 01:36:00 +02:00
parent 2f6dca736a
commit 6a9e823402
84 changed files with 5293 additions and 1836 deletions
Download Patch File Download Diff File Expand all files Collapse all files

125
frontEnd/next.config.js
View File

@@ -1,8 +1,12 @@
/** @type {import('next').NextConfig} */
const nextConfig = {
// Enable standalone output for Docker
// Enable standalone output for optimized production deployment
output: 'standalone',
images: {
// Disable image optimization - nginx serves images directly
// This prevents 400 errors from Next.js trying to optimize relative URLs
// Images are already optimized and served efficiently by nginx
unoptimized: true,
remotePatterns: [
{
protocol: 'http',
@@ -33,15 +37,60 @@ const nextConfig = {
hostname: 'images.unsplash.com',
pathname: '/**',
},
// Add your production domain when ready
// {
// protocol: 'https',
// hostname: 'your-api-domain.com',
// pathname: '/media/**',
// },
// Production domain configuration
{
protocol: 'https',
hostname: 'gnxsoft.com',
pathname: '/media/**',
},
{
protocol: 'https',
hostname: 'gnxsoft.com',
pathname: '/images/**',
},
{
protocol: 'https',
hostname: 'gnxsoft.com',
pathname: '/_next/static/**',
},
{
protocol: 'http',
hostname: 'gnxsoft.com',
pathname: '/media/**',
},
{
protocol: 'http',
hostname: 'gnxsoft.com',
pathname: '/images/**',
},
{
protocol: 'https',
hostname: 'www.gnxsoft.com',
pathname: '/media/**',
},
{
protocol: 'https',
hostname: 'www.gnxsoft.com',
pathname: '/images/**',
},
{
protocol: 'https',
hostname: 'www.gnxsoft.com',
pathname: '/_next/static/**',
},
{
protocol: 'http',
hostname: 'www.gnxsoft.com',
pathname: '/media/**',
},
{
protocol: 'http',
hostname: 'www.gnxsoft.com',
pathname: '/images/**',
},
],
// Legacy domains format for additional compatibility
domains: ['images.unsplash.com'],
domains: ['images.unsplash.com', 'gnxsoft.com', 'www.gnxsoft.com'],
formats: ['image/avif', 'image/webp'],
deviceSizes: [640, 750, 828, 1080, 1200, 1920, 2048, 3840],
imageSizes: [16, 32, 48, 64, 96, 128, 256, 384],
@@ -63,48 +112,25 @@ const nextConfig = {
productionBrowserSourceMaps: false,
// Performance optimizations (swcMinify removed - default in Next.js 15)
// Enterprise Security Headers
// NOTE: Most security headers are set in nginx to avoid duplicates
// Only set headers here that are specific to Next.js or need to be in the app
async headers() {
return [
{
source: '/:path*',
headers: [
// Security Headers
{
key: 'X-DNS-Prefetch-Control',
value: 'on'
},
{
key: 'Strict-Transport-Security',
value: 'max-age=63072000; includeSubDomains; preload'
},
{
key: 'X-Frame-Options',
value: 'SAMEORIGIN'
},
{
key: 'X-Content-Type-Options',
value: 'nosniff'
},
{
key: 'X-XSS-Protection',
value: '1; mode=block'
},
{
key: 'Referrer-Policy',
value: 'strict-origin-when-cross-origin'
},
{
key: 'Permissions-Policy',
value: 'camera=(), microphone=(), geolocation=(), interest-cohort=()'
},
// Content Security Policy - Set here for Next.js compatibility
// Note: Removed conflicting directives that are ignored with 'strict-dynamic'
{
key: 'Content-Security-Policy',
value: "default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline'; img-src 'self' data: https: http://localhost:8000 http://localhost:8080; font-src 'self' data:; connect-src 'self' http://localhost:8000 https://www.google-analytics.com; frame-src 'self' https://www.google.com; frame-ancestors 'self'; base-uri 'self'; form-action 'self'"
value: process.env.NODE_ENV === 'production'
? "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https:; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' https://www.google-analytics.com; frame-src 'self' https://www.google.com; frame-ancestors 'self'; base-uri 'self'; form-action 'self'; object-src 'none'; upgrade-insecure-requests;"
: "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://www.google-analytics.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https: http://localhost:8000 http://localhost:8080; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self' http://localhost:8000 https://www.google-analytics.com; frame-src 'self' https://www.google.com; frame-ancestors 'self'; base-uri 'self'; form-action 'self';"
},
// Performance Headers
// Hide X-Powered-By header from Next.js
{
key: 'Cache-Control',
value: 'public, max-age=31536000, immutable'
key: 'X-Powered-By',
value: ''
},
],
},
@@ -142,6 +168,12 @@ const nextConfig = {
// Redirects for SEO
async redirects() {
return [
// Redirect /about to /about-us
{
source: '/about',
destination: '/about-us',
permanent: true,
},
// Temporarily disabled - causing API issues
// {
// source: '/((?!api/).*)+/',
@@ -153,7 +185,6 @@ const nextConfig = {
// Rewrites for API proxy (Production: routes /api to backend through nginx)
async rewrites() {
// In development, proxy to Django backend
// In production, nginx handles this
if (process.env.NODE_ENV === 'development') {
return [
{
@@ -166,8 +197,14 @@ const nextConfig = {
},
]
}
// In production, these are handled by nginx reverse proxy
return []
// In production, add rewrite for media files so Next.js image optimization can access them
// This allows Next.js to fetch media images from the internal backend during optimization
return [
{
source: '/media/:path*',
destination: `${process.env.INTERNAL_API_URL || 'http://127.0.0.1:1086'}/media/:path*`,
},
]
},
}