consentos

kunthawat/consentos

Fork 0

Commit Graph

Author	SHA1	Message	Date
James Cottrill	e0f1dd43e8	fix(scanner): reliable cookie discovery, auto-categorisation, and scan scheduling UI (#7 ) Scanner fixes: - Remove conflicting ``path`` from consent pre-seed cookie (Playwright rejects cookies with both ``url`` and ``path``). - Switch to ``networkidle`` + 5s + 2s delayed second-pass for reliable cookie capture. - Check sitemap Content-Type to skip SPA HTML fallbacks. - Propagate ``auto_category`` from scan results to the cookies table during sync (was silently dropped). - Add ``_gcl_ls`` to the Open Cookie Database CSV. - Classify ``_consentos_*`` cookies as necessary directly in the classification engine. - Add ``seed_known_cookies`` to the bootstrap init container command. Admin UI: - Add scan schedule control to the Scans tab — preset options (disabled/daily/weekly/fortnightly/monthly) plus custom cron input. Saves ``scan_schedule_cron`` on the site config.	2026-04-18 20:14:32 +01:00
James Cottrill	84e41857c3	Bundle banner into admin-ui image and add prod docker-compose (#1 ) * fix: bundle banner into admin-ui image and serve at origin root The loader at apps/banner/src/loader.ts derives the bundle URL from its own origin, not its directory, so ``consent-loader.js`` and ``consent-bundle.js`` must live at the web root rather than under a sub-path. The upstream admin-ui image never bundled the banner at all, forcing deployment overlays to paper over the gap — and those overlays misplaced the files under ``/banner/``. Fold the banner build into ``apps/admin-ui/Dockerfile`` as an extra stage, move its output to ``public/`` so Vite emits it at the image root, and add CORS + caching rules for the two scripts in ``nginx.conf`` ahead of the SPA fallback. Switch the root ``docker-compose.yml`` build context to the repo root (with the dockerignore trimmed accordingly) so one image now covers admin + CDN. Also drop the published sourcemap for ``consent-bundle.js`` — the bundle is minified and cross-origin, shipping a map to anyone inspecting a customer page isn't something we want. * feat: add docker-compose.prod.yml for single-host deployment Add a production-targeted compose file alongside the existing dev one. Operators running ConsentOS on a single host (the OSS quick-start path) now have a canonical compose to point ``-f`` at, instead of hand-rolling overlays in their deployment repo. Differences from ``docker-compose.yml`` (dev) — see the file header for the full list, but the load-bearing ones are: * A one-shot ``consentos-bootstrap`` init container owns alembic migrations and the initial-admin provisioning. Every long-running service that touches the database waits for it via ``service_completed_successfully``. * Postgres credentials and Redis password come from the ``.env`` file rather than being hardcoded; the dev compose keeps the ``consentos:consentos`` defaults so ``make up`` still just works. * All host-bound ports are scoped to ``127.0.0.1`` so a reverse proxy on the host (Caddy in the reference deployment) can terminate TLS in front of them. * The scanner gets a scoped ``environment:`` block instead of ``env_file: .env``. Sharing the env file caused vars like ``PORT`` to leak into ``ScannerSettings`` and rebind the service off its default ``8001``, which silently broke ``SCANNER_SERVICE_URL`` for the worker. * ``shm_size: 1gb`` on the scanner — Playwright/Chromium crashes under the default 64 MB ``/dev/shm`` on heavy pages. * ``consentos-admin`` builds with the repo root as the context so the upstream ``apps/admin-ui/Dockerfile`` (added in the previous commit) can pull ``apps/banner/`` in alongside ``apps/admin-ui/`` and bundle ``consent-loader.js`` / ``consent-bundle.js`` at the nginx root. * Per-service ``mem_limit`` and dependency-aware healthchecks so ``docker compose up -d`` gives a consistent, observable start.	2026-04-14 13:03:36 +01:00

Author

SHA1

Message

Date

James Cottrill

e0f1dd43e8

fix(scanner): reliable cookie discovery, auto-categorisation, and scan scheduling UI (#7 )

Scanner fixes:
- Remove conflicting ``path`` from consent pre-seed cookie (Playwright
  rejects cookies with both ``url`` and ``path``).
- Switch to ``networkidle`` + 5s + 2s delayed second-pass for reliable
  cookie capture.
- Check sitemap Content-Type to skip SPA HTML fallbacks.
- Propagate ``auto_category`` from scan results to the cookies table
  during sync (was silently dropped).
- Add ``_gcl_ls`` to the Open Cookie Database CSV.
- Classify ``_consentos_*`` cookies as necessary directly in the
  classification engine.
- Add ``seed_known_cookies`` to the bootstrap init container command.

Admin UI:
- Add scan schedule control to the Scans tab — preset options
  (disabled/daily/weekly/fortnightly/monthly) plus custom cron input.
  Saves ``scan_schedule_cron`` on the site config.

2026-04-18 20:14:32 +01:00

James Cottrill

84e41857c3

Bundle banner into admin-ui image and add prod docker-compose (#1 )

* fix: bundle banner into admin-ui image and serve at origin root

The loader at apps/banner/src/loader.ts derives the bundle URL from
its own origin, not its directory, so ``consent-loader.js`` and
``consent-bundle.js`` must live at the web root rather than under a
sub-path. The upstream admin-ui image never bundled the banner at
all, forcing deployment overlays to paper over the gap — and those
overlays misplaced the files under ``/banner/``.

Fold the banner build into ``apps/admin-ui/Dockerfile`` as an extra
stage, move its output to ``public/`` so Vite emits it at the image
root, and add CORS + caching rules for the two scripts in
``nginx.conf`` ahead of the SPA fallback. Switch the root
``docker-compose.yml`` build context to the repo root (with the
dockerignore trimmed accordingly) so one image now covers admin + CDN.

Also drop the published sourcemap for ``consent-bundle.js`` — the
bundle is minified and cross-origin, shipping a map to anyone
inspecting a customer page isn't something we want.

* feat: add docker-compose.prod.yml for single-host deployment

Add a production-targeted compose file alongside the existing dev one.
Operators running ConsentOS on a single host (the OSS quick-start
path) now have a canonical compose to point ``-f`` at, instead of
hand-rolling overlays in their deployment repo.

Differences from ``docker-compose.yml`` (dev) — see the file header
for the full list, but the load-bearing ones are:

* A one-shot ``consentos-bootstrap`` init container owns alembic
  migrations and the initial-admin provisioning. Every long-running
  service that touches the database waits for it via
  ``service_completed_successfully``.
* Postgres credentials and Redis password come from the ``.env``
  file rather than being hardcoded; the dev compose keeps the
  ``consentos:consentos`` defaults so ``make up`` still just works.
* All host-bound ports are scoped to ``127.0.0.1`` so a reverse
  proxy on the host (Caddy in the reference deployment) can
  terminate TLS in front of them.
* The scanner gets a scoped ``environment:`` block instead of
  ``env_file: .env``. Sharing the env file caused vars like
  ``PORT`` to leak into ``ScannerSettings`` and rebind the service
  off its default ``8001``, which silently broke
  ``SCANNER_SERVICE_URL`` for the worker.
* ``shm_size: 1gb`` on the scanner — Playwright/Chromium crashes
  under the default 64 MB ``/dev/shm`` on heavy pages.
* ``consentos-admin`` builds with the repo root as the context so
  the upstream ``apps/admin-ui/Dockerfile`` (added in the previous
  commit) can pull ``apps/banner/`` in alongside ``apps/admin-ui/``
  and bundle ``consent-loader.js`` / ``consent-bundle.js`` at the
  nginx root.
* Per-service ``mem_limit`` and dependency-aware healthchecks so
  ``docker compose up -d`` gives a consistent, observable start.

2026-04-14 13:03:36 +01:00

2 Commits