quartermaster

archeious/quartermaster

Fork 0

...

Author	SHA1	Message	Date
archeious	5ae0675705	Merge pull request 'fix(docker): enable uvicorn proxy-headers so CSS loads behind Traefik' (#35 ) from fix/proxy-headers into main All checks were successful deploy / build-push-deploy (push) Successful in 1m10s Details Reviewed-on: #35 Reviewed-by: archeious <archeious@unbiasedgeek.com>	2026-04-19 18:16:15 -06:00
Jeff Smith	ee6eaaeba8	fix(docker): enable uvicorn proxy-headers so url_for works behind Traefik Without --proxy-headers + --forwarded-allow-ips, uvicorn ignores the X-Forwarded-Proto header Traefik sets, so Starlette's url_for() picks up the internal scheme (http) and host (the container's bind address). That makes every <link>/<img> href in templates point at an internal URL with the wrong scheme — the browser refuses CSS/images as mixed content and the public page renders unstyled. With both flags the template output becomes https://quartermaster.unbiasedgeek.com/static/… as expected. The wildcard in --forwarded-allow-ips='*' is safe here because the compose file publishes no host ports — only containers on proxy-net (i.e. Traefik) can reach port 8000. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-19 18:15:30 -06:00

Author

SHA1

Message

Date

archeious

5ae0675705

Merge pull request 'fix(docker): enable uvicorn proxy-headers so CSS loads behind Traefik' (#35 ) from fix/proxy-headers into main

deploy / build-push-deploy (push) Successful in 1m10s

Details

Reviewed-on: #35
Reviewed-by: archeious <archeious@unbiasedgeek.com>

2026-04-19 18:16:15 -06:00

Jeff Smith

ee6eaaeba8

fix(docker): enable uvicorn proxy-headers so url_for works behind Traefik

Without --proxy-headers + --forwarded-allow-ips, uvicorn ignores the
X-Forwarded-Proto header Traefik sets, so Starlette's url_for() picks
up the internal scheme (http) and host (the container's bind address).
That makes every <link>/<img> href in templates point at an internal
URL with the wrong scheme — the browser refuses CSS/images as mixed
content and the public page renders unstyled.

With both flags the template output becomes
https://quartermaster.unbiasedgeek.com/static/… as expected.

The wildcard in --forwarded-allow-ips='*' is safe here because the
compose file publishes no host ports — only containers on proxy-net
(i.e. Traefik) can reach port 8000.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-19 18:15:30 -06:00

1 changed files with 2 additions and 0 deletions

									
										2

docker/entrypoint.sh
									
										View file
										
					@ -8,4 +8,6 @@ alembic upgrade head

					exec uvicorn quartermaster.main:app \

					exec uvicorn quartermaster.main:app \

					    --host 0.0.0.0 \

					    --host 0.0.0.0 \

					    --port 8000 \

					    --port 8000 \

					    --proxy-headers \

					    --forwarded-allow-ips='*' \

					    --log-config src/quartermaster/logconfig.json

					    --log-config src/quartermaster/logconfig.json

Compare commits

2 commits

9f68351c80 ... 5ae0675705

2

docker/entrypoint.sh

View file

Compare commits

2 commits 9f68351c80 ... 5ae0675705

2 docker/entrypoint.sh Unescape Escape View file

2 commits

9f68351c80 ... 5ae0675705

2

docker/entrypoint.sh

View file