search

openwisp / docker-openwisp

OpenWISP in docker. For production usage we recommend using the ansible-openwisp2 role.
https://openwisp.io/docs/dev/docker/
BSD 3-Clause "New" or "Revised" License
149 stars 75 forks source link

Allow setting CSRF_TRUSTED_ORIGINS via .env #305

Closed jangrewe closed 1 month ago

jangrewe commented 3 months ago

I have just set up the whole OpenWISP stack with the edge images and got this error:

Forbidden (Origin checking failed - https://openwisp.faked.org/ does not match any trusted origins.): /admin/login/

(It worked fine with the latest images.)

There is a fix mentioned in ansible-openwisp2: https://github.com/openwisp/ansible-openwisp2/issues/443 But editing the settings.py is not that easy with Docker images, for as a workaround i'm mounting a fixed settings.py into the Dashboard container - and then it works.

It would be great if setting CSRF_TRUSTED_ORIGINS via the .env file would be possible, similar to how DJANGO_ALLOWED_HOSTS is already handled.

Thanks!

nemesifier commented 3 months ago

@jangrewe I am open to adding this. In the meantime, this should let you define custom settings: https://github.com/openwisp/docker-openwisp?tab=readme-ov-file#custom-django-settings.

jangrewe commented 3 months ago

Oh snap, ich completely forgot about that, because when doing my "docker-compose.yml to custom Ansible role" thing, i didn't add that bind mount because i though "nah, i won't be needing that..." - shame on me! 🫣

But thanks for adding this anyways, as it seems to be not a one-off situation that this needs to be set. 😉

nemesifier commented 1 month ago

I think the docs about customizing settings is good enough for this, hence I'm closing. BTW: the docs for advanced customizations are being moved to the Unified Documentation Website.