klbr/khoj
1
0
Fork 0
mirror of https://github.com/khoaliber/khoj.git synced 2026-03-09 05:39:12 +00:00
Code Issues Packages Projects Releases Wiki Activity

Simplify KHOJ_DOMAIN states. All production deployments should set it.

Browse Source 
Do not need KHOJ_DOMAIN to be tri-state.
KHOJ_DOMAIN set to empty does not change behavior anymore.

Related 5a3c7b1
This commit is contained in:
Debanjum
2025-04-13 06:47:42 +05:30
parent e072530471
commit 51e19c6199
1 changed files with 6 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/khoj/app/settings.py
View File

@@ -22,34 +22,29 @@ from khoj.utils.helpers import is_env_var_true
# Build paths inside the project like this: BASE_DIR / 'subdir'. # Build paths inside the project like this: BASE_DIR / 'subdir'.
BASE_DIR = Path(__file__).resolve().parent.parent BASE_DIR = Path(__file__).resolve().parent.parent
# Quick-start development settings - unsuitable for production
# See https://docs.djangoproject.com/en/4.2/howto/deployment/checklist/
# SECURITY WARNING: keep the secret key used in production secret! # SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = os.getenv("KHOJ_DJANGO_SECRET_KEY", "!secret") SECRET_KEY = os.getenv("KHOJ_DJANGO_SECRET_KEY", "!secret")
# All Subdomains of KHOJ_DOMAIN are trusted # Set KHOJ_DOMAIN to custom domain for production deployments.
KHOJ_DOMAIN = os.getenv("KHOJ_DOMAIN") or "khoj.dev" KHOJ_DOMAIN = os.getenv("KHOJ_DOMAIN") or "khoj.dev"
# Set KHOJ_ALLOWED_DOMAIN to the i.p or domain of the Khoj service on the internal network.
# Useful to set when running the service behind a reverse proxy.
KHOJ_ALLOWED_DOMAIN = os.getenv("KHOJ_ALLOWED_DOMAIN", KHOJ_DOMAIN) KHOJ_ALLOWED_DOMAIN = os.getenv("KHOJ_ALLOWED_DOMAIN", KHOJ_DOMAIN)
ALLOWED_HOSTS = [f".{KHOJ_ALLOWED_DOMAIN}", "localhost", "127.0.0.1", "[::1]", f"{KHOJ_ALLOWED_DOMAIN}"] ALLOWED_HOSTS = [f".{KHOJ_ALLOWED_DOMAIN}", "localhost", "127.0.0.1", "[::1]", f"{KHOJ_ALLOWED_DOMAIN}"]
# All Subdomains of KHOJ_DOMAIN are trusted for CSRF
CSRF_TRUSTED_ORIGINS = [ CSRF_TRUSTED_ORIGINS = [
f"https://*.{KHOJ_DOMAIN}", f"https://*.{KHOJ_DOMAIN}",
f"https://{KHOJ_DOMAIN}", f"https://{KHOJ_DOMAIN}",
f"http://*.{KHOJ_DOMAIN}", f"http://*.{KHOJ_DOMAIN}",
f"http://{KHOJ_DOMAIN}", f"http://{KHOJ_DOMAIN}",
f"https://app.{KHOJ_DOMAIN}",
] ]
DISABLE_HTTPS = is_env_var_true("KHOJ_NO_HTTPS") DISABLE_HTTPS = is_env_var_true("KHOJ_NO_HTTPS")
# KHOJ_DOMAIN is tri-state.
# - Unset it for local deployments.
# - Set it to empty for official production deployment.
# - Set it to custom domain for other production deployments.
# WARNING: Change this check only if you know what you are doing. # WARNING: Change this check only if you know what you are doing.
if os.getenv("KHOJ_DOMAIN") == None: if not os.getenv("KHOJ_DOMAIN"):
SESSION_COOKIE_DOMAIN = "localhost" SESSION_COOKIE_DOMAIN = "localhost"
CSRF_COOKIE_DOMAIN = "localhost" CSRF_COOKIE_DOMAIN = "localhost"
else: else:
@@ -59,7 +54,6 @@ else:
if not DISABLE_HTTPS: if not DISABLE_HTTPS:
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https") SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
COOKIE_SAMESITE = "None"
if DISABLE_HTTPS: if DISABLE_HTTPS:
SESSION_COOKIE_SECURE = False SESSION_COOKIE_SECURE = False
CSRF_COOKIE_SECURE = False CSRF_COOKIE_SECURE = False