MOPC/MOPC-Portal
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add email password change feature and fix nginx config

Browse Source 
- Add public page at /email/change-password for Poste.io mailbox password management
- Add API routes for SMTP credential verification and Poste.io password change
- Rewrite nginx config as HTTP-only (certbot --nginx will add SSL)
- Add Poste.io admin API env vars to docker-compose and env templates

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Matt
2026-01-30 16:15:08 +01:00
parent d5398e93a0
commit 8c598ba3ee
7 changed files with 607 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
docker/nginx/mopc-platform.conf
View File

@@ -1,31 +1,26 @@
# =============================================================================
# MOPC Platform - Nginx Reverse Proxy Configuration
# =============================================================================
# Install: sudo ln -s /opt/mopc/docker/nginx/mopc-platform.conf /etc/nginx/sites-enabled/
# Test: sudo nginx -t
# Reload: sudo systemctl reload nginx
# Setup steps:
# 1. sudo ln -s /opt/mopc/docker/nginx/mopc-platform.conf /etc/nginx/sites-enabled/
# 2. sudo nginx -t && sudo systemctl reload nginx
# 3. sudo certbot --nginx -d portal.monaco-opc.com
#
# Certbot will automatically add SSL configuration to this file.
# Rate limiting zone
limit_req_zone $binary_remote_addr zone=mopc_limit:10m rate=10r/s;
# MOPC Platform - HTTPS
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
listen 80;
listen [::]:80;
server_name portal.monaco-opc.com;
# SSL certificates (managed by Certbot)
ssl_certificate /etc/letsencrypt/live/portal.monaco-opc.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/portal.monaco-opc.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
# Security headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob:; font-src 'self' data:; connect-src 'self';" always;
# File upload size (500MB for videos)
client_max_body_size 500M;
@@ -68,11 +63,3 @@ server {
access_log off;
}
}
# HTTP to HTTPS redirect
server {
listen 80;
listen [::]:80;
server_name portal.monaco-opc.com;
return 301 https://$host$request_uri;
}