upstage-org
diff --git a/‎.github/workflows/devapp1.yml‎
Lines changed: 2 additions & 2 deletions b/‎.github/workflows/devapp1.yml‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎config/__init__.py‎
Lines changed: 4 additions & 0 deletions b/‎config/__init__.py‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎config/dev/dev_app1_nginx_upstage.conf‎
Lines changed: 95 additions & 95 deletions b/‎config/dev/dev_app1_nginx_upstage.conf‎
Lines changed: 95 additions & 95 deletions
@@ -6,7 +6,7 @@ name: DEVAPP1 CI
 on:
   # Triggers the workflow on push or approved pull request on R1-2021 branch
   push:
-    branches: [ Modelo-2.0.4 ]
+    branches: [ Newcastle-2.0.5 ]
 
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:
@@ -32,7 +32,7 @@ jobs:
           script: |
             cd /home/upstage/upstage/dashboard/
             git fetch
-            git checkout Modelo-2.0.4
+            git checkout Newcastle-2.0.5
             git pull
             yarn
             yarn build:dev
 
@@ -132,5 +132,9 @@
 # SQLALCHEMY_DATABASE_URI = 'mysql+mysqldb://{0}:{1}@{2}:{3}/{4}'.format(DB_USER,DB_PASSWD,DB_HOST,DB_PORT,DB_NAME)
 NGINX_CONFIG_FILE = "config/dev/dev_app1_nginx_upstage.conf"
 
+CLOUDFLARE_CAPTCHA_VERIFY_ENDPOINT = (
+    "https://challenges.cloudflare.com/turnstile/v0/siteverify"
+)
+
 if __name__ == "__main__":
     print("Copy-paste this secret:{}".format(secrets.token_urlsafe(64)))
@@ -2,104 +2,104 @@
 #limit_req_zone $binary_remote_addr zone=limittwo:10m rate=5r/s;
 
 server {
-        server_name _;
-        listen 80;
-        rewrite ^ https://dev-app1.upstage.live$request_uri? permanent;
+    server_name _;
+    listen 80;
+    rewrite ^ https://dev-app1.upstage.live$request_uri? permanent;
 }
 
 server {
-        server_name dev-app1.upstage.live;
-        listen 443 ssl;
-        ssl_dhparam /etc/nginx/ssl/dhparam.pem;
-        ssl_ecdh_curve secp384r1;
-
-        ssl_certificate /etc/letsencrypt/live/dev-app1.upstage.live/fullchain.pem; # managed by Certbot
-        ssl_certificate_key /etc/letsencrypt/live/dev-app1.upstage.live/privkey.pem; # managed by Certbo
-
-        ssl_protocols TLSv1.2 TLSv1.3;
-        #ssl_protocols TLSv1.3;
-        ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
-
-        ssl_prefer_server_ciphers on;
-        ssl_session_cache shared:SSL:10m;
-
-        set_real_ip_from  10.0.0.0/8;
-        set_real_ip_from  172.16.0.0/12;
-        set_real_ip_from  192.168.0.0/16;
-        real_ip_header    X-Forwarded-For;
-
-        #security directives
-        #server_tokens off;
-        #add_header X-Frame-Options SAMEORIGIN;
-        #add_header X-Content-Type-Options nosniff;
-        #add_header X-XSS-Protection "1; mode=block";
-        #add_header Content-Security-Policy "default-src 'self'; script-src 'self' https://s3.amazonaws.com https://dev-app.hellosign.com https://www.google.com https://www.gstatic.com; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; connect-src 'self' https://apis.google.com; frame-src https://dev-app.hellosign.com https://www.google.com; object-src 'none'";
-        #add_header Content-Security-Policy "default-src 'self'; script-src 'self' https://www.google.com https://www.gstatic.com; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; connect-src 'self' https://apis.google.com; frame-src https://www.google.com; object-src 'none'";
-
-        add_header Referrer-Policy "no-referrer";
-
-        client_body_in_file_only clean;
-        client_body_buffer_size 32K;
-
-        client_max_body_size 300M;
-
-        #sendfile on;
-        send_timeout 300s;
-
-        location / {
-            #limit_req zone=limitone burst=20 nodelay;
-            #auth_basic           "Enter password.";
-            #auth_basic_user_file /etc/nginx/htpasswd;
-            alias /home/upstage/upstage/dashboard/dist/;
-            try_files $uri $uri/ /index.html;
-            add_header Last-Modified $date_gmt;
-            add_header 'Cache-Control' 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
-            if_modified_since off;
-            expires off;
-            etag off;
-            gzip on;
-            gzip_types *;
-            gzip_proxied no-cache no-store private expired auth;
-            gzip_min_length 1000;
-        }
-
-        location /studio {
-            alias /home/upstage/upstage/studio/dist/;
-            try_files $uri $uri/ /V4.0/studio/index.html;
-            add_header Last-Modified $date_gmt;
-            add_header 'Cache-Control' 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
-            if_modified_since off;
-            expires off;
-            etag off;
-            gzip on;
-            gzip_types *;
-            gzip_proxied no-cache no-store private expired auth;
-            gzip_min_length 1000;
-        }
-
-        location /static {
-            alias /home/upstage/upstage/uploads;
-            expires off;
-            add_header Cache-Control 'no-cache, must-revalidate';
-        }
-
-        location /V4.0/static {
-            # Keep this path for not breaking replays
-            alias /home/upstage/upstage/uploads;
-            expires off;
-            add_header Cache-Control 'no-cache, must-revalidate';
-        }
-
-        location /api {
-            #limit_req zone=limitone burst=20 nodelay;
-            uwsgi_pass unix:///home/upstage/uwsgi_sockets/upstage.socket;
-            uwsgi_read_timeout 1800s;
-            uwsgi_send_timeout 900s;
-            uwsgi_ignore_client_abort on;
-            include uwsgi_params;
-            uwsgi_hide_header       Content-Security-Policy;
-            uwsgi_hide_header       X-Content-Security-Policy;
-        }
+    server_name dev-app1.upstage.live;
+    listen 443 ssl;
+    ssl_dhparam /etc/nginx/ssl/dhparam.pem;
+    ssl_ecdh_curve secp384r1;
+
+    ssl_certificate /etc/letsencrypt/live/dev-app1.upstage.live/fullchain.pem; # managed by Certbot
+    ssl_certificate_key /etc/letsencrypt/live/dev-app1.upstage.live/privkey.pem; # managed by Certbo
+
+    ssl_protocols TLSv1.2 TLSv1.3;
+    #ssl_protocols TLSv1.3;
+    ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
+
+    ssl_prefer_server_ciphers on;
+    ssl_session_cache shared:SSL:10m;
+
+    set_real_ip_from 10.0.0.0/8;
+    set_real_ip_from 172.16.0.0/12;
+    set_real_ip_from 192.168.0.0/16;
+    real_ip_header X-Forwarded-For;
+
+    #security directives
+    #server_tokens off;
+    #add_header X-Frame-Options SAMEORIGIN;
+    #add_header X-Content-Type-Options nosniff;
+    #add_header X-XSS-Protection "1; mode=block";
+    #add_header Content-Security-Policy "default-src 'self'; script-src 'self' https://s3.amazonaws.com https://dev-app.hellosign.com https://www.google.com https://www.gstatic.com; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; connect-src 'self' https://apis.google.com; frame-src https://dev-app.hellosign.com https://www.google.com; object-src 'none'";
+    #add_header Content-Security-Policy "default-src 'self'; script-src 'self' https://www.google.com https://www.gstatic.com; img-src 'self' data:; style-src 'self' 'unsafe-inline'; font-src 'self' data:; connect-src 'self' https://apis.google.com; frame-src https://www.google.com; object-src 'none'";
+
+    add_header Referrer-Policy "no-referrer";
+
+    client_body_in_file_only clean;
+    client_body_buffer_size 32K;
+
+    client_max_body_size 300M;
+
+    #sendfile on;
+    send_timeout 300s;
+
+    location / {
+        #limit_req zone=limitone burst=20 nodelay;
+        #auth_basic           "Enter password.";
+        #auth_basic_user_file /etc/nginx/htpasswd;
+        alias /home/upstage/upstage/dashboard/dist/;
+        try_files $uri $uri/ /index.html;
+        add_header Last-Modified $date_gmt;
+        add_header 'Cache-Control' 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
+        if_modified_since off;
+        expires off;
+        etag off;
+        gzip on;
+        gzip_types *;
+        gzip_proxied no-cache no-store private expired auth;
+        gzip_min_length 1000;
+    }
+
+    location /studio {
+        alias /home/upstage/upstage/studio/dist/;
+        try_files $uri $uri/ /studio/index.html;
+        add_header Last-Modified $date_gmt;
+        add_header 'Cache-Control' 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
+        if_modified_since off;
+        expires off;
+        etag off;
+        gzip on;
+        gzip_types *;
+        gzip_proxied no-cache no-store private expired auth;
+        gzip_min_length 1000;
+    }
+
+    location /static {
+        alias /home/upstage/upstage/uploads;
+        expires off;
+        add_header Cache-Control 'no-cache, must-revalidate';
+    }
+
+    location /V4.0/static {
+        # Keep this path for not breaking replays
+        alias /home/upstage/upstage/uploads;
+        expires off;
+        add_header Cache-Control 'no-cache, must-revalidate';
+    }
+
+    location /api {
+        #limit_req zone=limitone burst=20 nodelay;
+        uwsgi_pass unix:///home/upstage/uwsgi_sockets/upstage.socket;
+        uwsgi_read_timeout 1800s;
+        uwsgi_send_timeout 900s;
+        uwsgi_ignore_client_abort on;
+        include uwsgi_params;
+        uwsgi_hide_header Content-Security-Policy;
+        uwsgi_hide_header X-Content-Security-Policy;
+    }
 
 
 }