mmintel/klz-cables.com
1
0
Fork 0
Code Issues Pull Requests 2 Actions Packages Projects Releases Wiki Activity

fix(infra): guaranteed Traefik bypass for OG images and sitemaps

Browse Source 
- Added explicit Host match and PathPrefixes to public router in docker-compose.yml.
- Increased priority of public router to 2000.
- Updated middleware.ts to bypass next-intl for OG images and API routes.
- Verified local rendering of OG images.
This commit is contained in:
Marc Mintel
2026-02-12 22:18:21 +01:00
parent a19bd92df7
commit 9097e2cead
4 changed files with 2903 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docker-compose.yml
View File

@@ -22,13 +22,13 @@ services:
- "traefik.http.routers.${PROJECT_NAME:-klz-cables}.middlewares=${AUTH_MIDDLEWARE:-${PROJECT_NAME:-klz-cables}-ratelimit,${PROJECT_NAME:-klz-cables}-forward,${PROJECT_NAME:-klz-cables}-compress}"
# Public Router (Whitelist for OG Images, Sitemaps, Health)
- "traefik.http.routers.${PROJECT_NAME:-klz-cables}-public.rule=PathPrefix(`/health`, `/sitemap.xml`, `/robots.txt`, `/manifest.webmanifest`) || PathRegexp(`.*api/og/.*`) || PathRegexp(`.*opengraph-image$`) || PathRegexp(`.*opengraph-image\\?.*`)"
- "traefik.http.routers.${PROJECT_NAME:-klz-cables}-public.rule=(${TRAEFIK_HOST_RULE:-Host(`klz-cables.com`)}) && (PathPrefix(`/health`, `/sitemap.xml`, `/robots.txt`, `/manifest.webmanifest`, `/api/og`) || PathPrefix(`/de/opengraph-image`, `/en/opengraph-image`, `/de/blog/opengraph-image`, `/en/blog/opengraph-image`, `/de/products/opengraph-image`, `/en/products/opengraph-image`) || PathRegexp(`^/.*opengraph-image.*$`))"
- "traefik.http.routers.${PROJECT_NAME:-klz-cables}-public.entrypoints=websecure"
- "traefik.http.routers.${PROJECT_NAME:-klz-cables}-public.tls.certresolver=le"
- "traefik.http.routers.${PROJECT_NAME:-klz-cables}-public.tls=true"
- "traefik.http.routers.${PROJECT_NAME:-klz-cables}-public.service=${PROJECT_NAME:-klz-cables}"
- "traefik.http.routers.${PROJECT_NAME:-klz-cables}-public.middlewares=${AUTH_MIDDLEWARE_UNPROTECTED:-${PROJECT_NAME:-klz-cables}-ratelimit,${PROJECT_NAME:-klz-cables}-forward,${PROJECT_NAME:-klz-cables}-compress}"
- "traefik.http.routers.${PROJECT_NAME:-klz-cables}-public.priority=1000"
- "traefik.http.routers.${PROJECT_NAME:-klz-cables}-public.priority=2000"
- "traefik.http.services.${PROJECT_NAME:-klz-cables}.loadbalancer.server.port=3000"
- "traefik.http.services.${PROJECT_NAME:-klz-cables}.loadbalancer.server.scheme=http"

4
middleware.ts
View File

@@ -18,7 +18,9 @@ export default function middleware(request: NextRequest) {
if (
pathname.startsWith('/stats') ||
pathname.startsWith('/errors') ||
pathname.startsWith('/health')
pathname.startsWith('/health') ||
pathname.startsWith('/api/og') ||
pathname.includes('opengraph-image')
) {
return;
}

1449
public/fonts/Inter-Bold.ttf Normal file
View File

File diff suppressed because one or more lines are too long

1449
public/fonts/Inter-Regular.ttf Normal file
View File

File diff suppressed because one or more lines are too long