bert.hausmans/crewli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: remove admin SPA and update to two-app production setup

Browse Source 
Remove apps/admin/ entirely — platform admin functionality now lives
in apps/app/ under /platform/* routes for super_admin users.

Production URL scheme changed:
- Organizer app: crewli.app (was app.crewli.app)
- Portal: portal.crewli.app (unchanged)
- API: api.crewli.app (unchanged)
- admin.crewli.app and app.crewli.app retired

Backend:
- Removed FRONTEND_ADMIN_URL config and admin cookie (crewli_admin_token)
  from SetAuthCookie, CookieBearerToken, cors.php, app.php
- Updated .env and .env.example (two origins, no port 5173)
- Updated cookie test: admin origin test → unknown origin fallback test

Infrastructure:
- Makefile: removed admin target
- deploy/nginx: updated CSP comment, removed admin vhost
- Updated README.md, CLAUDE.md, and all dev-docs

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
bert.hausmans
2026-04-15 08:44:10 +02:00
parent 945e22f322
commit 28727f246b
1390 changed files with 29 additions and 181476 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
deploy/README.md
View File

@@ -16,22 +16,10 @@ server {
}
```
### Organizer App (app.crewli.app)
### Organizer App (crewli.app)
```nginx
server {
server_name app.crewli.app;
include /path/to/deploy/nginx/security-headers.conf;
include /path/to/deploy/nginx/csp-spa.conf;
# ... rest of config
}
```
### Admin (admin.crewli.app)
```nginx
server {
server_name admin.crewli.app;
server_name crewli.app;
include /path/to/deploy/nginx/security-headers.conf;
include /path/to/deploy/nginx/csp-spa.conf;
@@ -66,4 +54,4 @@ If using DirectAdmin with Nginx:
1. Place the `.conf` files in `/usr/local/directadmin/data/users/USERNAME/nginx.conf`
or use DirectAdmin's custom Nginx configuration feature
2. Reload Nginx: `service nginx reload`
3. Verify headers: `curl -I https://app.crewli.app | grep -i security`
3. Verify headers: `curl -I https://crewli.app | grep -i security`

2
deploy/nginx/csp-spa.conf
View File

@@ -1,4 +1,4 @@
# CSP for app.crewli.app and admin.crewli.app
# CSP for crewli.app (organizer SPA)
# Vite bundles all JS/CSS into same-origin files.
# 'unsafe-inline' for style-src is required by Vuetify (inline styles for theming).
# img-src https: allows organisation logos loaded from external URLs.