From c48fa8a790d3c77d4f587376458d7eac86ad6478 Mon Sep 17 00:00:00 2001
From: Johan Bloemberg <git@ijohan.nl>
Date: Thu, 21 Nov 2024 15:41:22 +0100
Subject: [PATCH] Fix allowed_hosts

---
 compose.yml                | 19 ++++++++++---------
 src/ctlssa/app/settings.py |  4 ++--
 2 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/compose.yml b/compose.yml
index 9602d42..e5c5cb1 100644
--- a/compose.yml
+++ b/compose.yml
@@ -19,16 +19,17 @@ services:
     ports:
       - 8001:8001
     environment:
-      DEBUG: "False"
-      CTLSSA_SECRET_KEY: '1'
-      CTLSSA_DJANGO_DATABASE: production
-      CTLSSA_DB_ENGINE: postgresql_psycopg2
-      CTLSSA_DB_HOST: db
-      CTLSSA_CERTSTREAM_SERVER_URL: ws://certstream:4000
+      - DEBUG="False"
+      - CTLSSA_SECRET_KEY='1'
+      - CTLSSA_DJANGO_DATABASE=production
+      - CTLSSA_DB_ENGINE=postgresql_psycopg2
+      - CTLSSA_DB_HOST=db
+      - CTLSSA_CERTSTREAM_SERVER_URL=ws://certstream:4000
+      - CTLSSA_HOSTNAME
     labels:
       - "traefik.enable=true"
-      - "traefik.http.routers.ctlssa.rule='Host(`${CTLSSA_HOSTNAME}`) && PathPrefix(`/ctlssa`)"
-      - "traefik.http.routers.ctlssa.priority=20"
+      - "traefik.http.routers.ctlssa.rule=Host(`${CTLSSA_HOSTNAME}`) && PathPrefix(`/ctlssa`)"
+      - "traefik.http.routers.ctlssa.priority=30"
       - "traefik.http.routers.ctlssa.entrypoints=websecure"
 
     # uwsgi reloads on SIGTERM, so use SIGINT instead
@@ -44,7 +45,7 @@ services:
       app-ingest:
         condition: service_started
     healthcheck:
-      test: curl --silent --fail http://127.0.0.1:8001
+      test: curl --silent http://127.0.0.1:8001/
       interval: 5m
       start_period: 30s
       start_interval: 1s
diff --git a/src/ctlssa/app/settings.py b/src/ctlssa/app/settings.py
index e550152..a9f28b5 100644
--- a/src/ctlssa/app/settings.py
+++ b/src/ctlssa/app/settings.py
@@ -26,8 +26,8 @@
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = os.environ.get("DEBUG", "False").lower() == "true"
 
-CTLSSA_HOSTNAME = os.environ.get("CTLSSA_HOSTNAME", "localhost:8001")
-ALLOWED_HOSTS = os.environ.get("CTLSSA_ALLOWED_HOSTS", f"{CTLSSA_HOSTNAME}").split(",")
+CTLSSA_HOSTNAME = os.environ.get("CTLSSA_HOSTNAME", "localhost")
+ALLOWED_HOSTS = os.environ.get("CTLSSA_ALLOWED_HOSTS", f"{CTLSSA_HOSTNAME},127.0.0.1").split(",")
 
 
 # Application definition