Implement IP allowlisting for QR generation and enhance .env file handling

2026-04-02 15:46:58 +08:00
parent 5e8d5fb42e
commit 4d6fd1e348
4 changed files with 81 additions and 2 deletions
--- a/.gitea/workflows/deploy.yml
+++ b/.gitea/workflows/deploy.yml
@@ -75,6 +75,19 @@ jobs:

            cd "$DEPLOY_DIR"

+            echo "Checking .env file"
+            if [ ! -f .env ]; then
+              echo ".env file not found at $DEPLOY_DIR/.env"
+              echo "Please create it first with optional/custom variables such as:"
+              echo "  - TRUST_PROXY"
+              echo "  - ALLOWED_QR_IPS"
+              exit 1
+            fi
+
+            echo "Fixing .env permissions"
+            sudo chown $USER:$USER .env
+            sudo chmod 600 .env
+
            echo "Ensure networks"
            docker network inspect traefik-public >/dev/null 2>&1 || \
              docker network create traefik-public