From fb3bbf3fc566ea6852857d1b32b49bdb75dd430f Mon Sep 17 00:00:00 2001
From: ChaoticByte <9070224-ChaoticByte@users.noreply.gitlab.com>
Date: Sun, 12 Feb 2023 10:59:22 +0100
Subject: [PATCH] Added support for multiple hosts in caddy configuration and
 CSRF_TRUSTED_ORIGINS #22

---
 data/Caddyfile          |  2 +-
 data/config.example.yml |  4 +++-
 project/settings.py     | 12 +++++++-----
 scripts/_bootstrap.py   |  3 ++-
 4 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/data/Caddyfile b/data/Caddyfile
index b790b2e..c5bbc58 100644
--- a/data/Caddyfile
+++ b/data/Caddyfile
@@ -7,7 +7,7 @@
 	https_port {$HTTPS_PORT}
 }
 
-{$CADDY_HOST} {
+{$CADDY_HOSTS} {
 	# the tls certificates
 	tls {$DATADIR}/tls/server.pem {$DATADIR}/tls/server-key.pem
 	route {
diff --git a/data/config.example.yml b/data/config.example.yml
index 1e177cb..0586bcf 100644
--- a/data/config.example.yml
+++ b/data/config.example.yml
@@ -28,7 +28,9 @@ db:
   port: 5432
 caddy:
   # Webserver settings
-  host: "localhost"
+  hosts:
+    - "localhost"
+    - "127.0.0.1"
   http_port: 80
   https_port: 443
 logs:
diff --git a/project/settings.py b/project/settings.py
index 79a8add..a5362ca 100644
--- a/project/settings.py
+++ b/project/settings.py
@@ -125,11 +125,13 @@ AUTH_USER_MODEL = "app.User"
 SESSION_COOKIE_AGE = int(config["app"]["session_cookie_age"])
 CSRF_COOKIE_SECURE = True
 SESSION_COOKIE_SECURE = True
-CSRF_TRUSTED_ORIGINS = [
-    f"https://{config['caddy']['host']}",
-    f"http://{config['caddy']['host']}",
-    f"https://{config['caddy']['host']}:{config['caddy']['https_port']}",
-    f"http://{config['caddy']['host']}:{config['caddy']['https_port']}"]
+CSRF_TRUSTED_ORIGINS = []
+
+for host in config['caddy']['hosts']:
+    CSRF_TRUSTED_ORIGINS.append(f"http://{host}")
+    CSRF_TRUSTED_ORIGINS.append(f"https://{host}")
+    CSRF_TRUSTED_ORIGINS.append(f"http://{host}:{config['caddy']['https_port']}")
+    CSRF_TRUSTED_ORIGINS.append(f"https://{host}:{config['caddy']['https_port']}")
 
 # Internationalization
 # https://docs.djangoproject.com/en/4.1/topics/i18n/
diff --git a/scripts/_bootstrap.py b/scripts/_bootstrap.py
index 7a04618..1821369 100755
--- a/scripts/_bootstrap.py
+++ b/scripts/_bootstrap.py
@@ -118,7 +118,8 @@ if __name__ == "__main__":
     # Caddy configuration via env
     environment_caddy = os.environ
     environment_caddy["DATADIR"] = str(data_directory.absolute())
-    environment_caddy["CADDY_HOST"] = str(config["caddy"]["host"])
+    environment_caddy["CADDY_HOSTS"] = ", ".join(config["caddy"]["hosts"])
+    print(environment_caddy["CADDY_HOSTS"])
     environment_caddy["HTTP_PORT"] = str(config["caddy"]["http_port"])
     environment_caddy["HTTPS_PORT"] = str(config["caddy"]["https_port"])
     environment_caddy["APPLICATION_PORT"] = str(config["app"]["application_port"])