Add a secure repository Prompts review surface and prompt metadata API
Hop-State: A_06FN6MRSHG4B64ZV13086G8 Hop-Proposal: R_06FN6MQDE14FFNR65H1D28G Hop-Task: T_06FN6J8ECE1Z9XQ5PQ3Z3D8 Hop-Attempt: AT_06FN6J8ECC1SC794JMZ0TF8
This commit is contained in:
@@ -27,5 +27,20 @@ docker compose --env-file .env up --build -d
|
||||
|
||||
The reverse proxy should forward the public hostname to the configured
|
||||
`GITEA_HTTP_BIND:GITEA_HTTP_PORT`, preserve the `Host` header, and set
|
||||
`X-Forwarded-Proto` to `https`. Persistent repository and database data live in
|
||||
the named Compose volumes.
|
||||
`X-Forwarded-Proto` to `https`. It must also proxy `/hop/` to the Hop control
|
||||
plane, preserving the browser's Gitea session cookie. This lets the Prompts
|
||||
view check the viewer's repository access before returning potentially
|
||||
sensitive prompt text.
|
||||
|
||||
For nginx, the control-plane location should precede the Gitea catch-all:
|
||||
|
||||
```nginx
|
||||
location /hop/ {
|
||||
proxy_pass http://127.0.0.1:8080/;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header Cookie $http_cookie;
|
||||
}
|
||||
```
|
||||
|
||||
Persistent repository and database data live in the named Compose volumes.
|
||||
|
||||
Reference in New Issue
Block a user