From 8af257ca39e7c495d20191f993c9a98415fb0158 Mon Sep 17 00:00:00 2001
From: Arnaud Botella <arnaud.botella@geode-solutions.com>
Date: Wed, 11 Mar 2026 09:30:45 +0100
Subject: [PATCH 1/4] test

---
 .github/workflows/CD.yml | 24 ------------------------
 1 file changed, 24 deletions(-)

diff --git a/.github/workflows/CD.yml b/.github/workflows/CD.yml
index 51a19ff..c2f828d 100644
--- a/.github/workflows/CD.yml
+++ b/.github/workflows/CD.yml
@@ -2,7 +2,6 @@ name: Docker Image CD
 
 on:
   push:
-    branches: [ master, next ] 
 
 jobs:
   docker-build-squash-push:
@@ -11,26 +10,3 @@ jobs:
       tag: ${{ github.ref_name }}
     secrets: 
       TOKEN: ${{secrets.GITHUB_TOKEN}}
-
-  amazon-ecr:
-    runs-on: ubuntu-latest
-    if: github.ref == 'refs/heads/next' || github.ref == 'refs/heads/master'
-    steps:
-    - name: Checkout
-      uses: actions/checkout@v4
-      with:
-        fetch-depth: 0
-        token: ${{ secrets.TOKEN }}
-    - name: Configure AWS credentials
-      uses: aws-actions/configure-aws-credentials@v1
-      with:
-        aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
-        aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
-        aws-region: ${{ secrets.AWS_REGION }}
-    - name: Login to Amazon ECR
-      run: |
-        aws ecr-public get-login-password --region us-east-1 | docker login --username AWS --password-stdin public.ecr.aws/m4f6w3w9
-        docker build -t opengeodeweb-router .
-        docker tag opengeodeweb-router:latest public.ecr.aws/m4f6w3w9/opengeodeweb-router:${{github.ref_name}}
-        docker push public.ecr.aws/m4f6w3w9/opengeodeweb-router:${{github.ref_name}}
-

From 2c90f09affedea4fb3fde171acb96bd9e8418bd0 Mon Sep 17 00:00:00 2001
From: Arnaud Botella <arnaud.botella@geode-solutions.com>
Date: Wed, 11 Mar 2026 12:45:36 +0100
Subject: [PATCH 2/4] test

---
 Dockerfile | 7 +------
 nginx.conf | 5 +----
 2 files changed, 2 insertions(+), 10 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 8bf909a..f8502ab 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,9 +1,4 @@
 FROM nginx:alpine
 COPY nginx.conf /etc/nginx/nginx.conf
 
-RUN \
-    apk add openssl && \
-    openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/nginx.key -out /etc/nginx/nginx.crt -subj "/C=FR/ST=France/L=Pau/O=Geode-solutions"
-
-
-EXPOSE 443
\ No newline at end of file
+EXPOSE 80
\ No newline at end of file
diff --git a/nginx.conf b/nginx.conf
index ca555c7..acbac8c 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -10,12 +10,9 @@ http {
   gzip_min_length 1000;
 
   server {
-    listen 443 ssl;
+    listen 80;
     server_name localhost;
 
-    ssl_certificate nginx.crt;
-    ssl_certificate_key nginx.key;
-
     client_max_body_size 0;
 
     location ~ "^/[a-z0-9]{32}/geode/" {

From c467d3fa572d9f3951d1aa453651f9e6f778264a Mon Sep 17 00:00:00 2001
From: Arnaud Botella <arnaud.botella@geode-solutions.com>
Date: Wed, 11 Mar 2026 18:10:31 +0100
Subject: [PATCH 3/4] no id

---
 nginx.conf | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/nginx.conf b/nginx.conf
index acbac8c..b2d6120 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -15,11 +15,11 @@ http {
 
     client_max_body_size 0;
 
-    location ~ "^/[a-z0-9]{32}/geode/" {
+    location ~ "^/geode/" {
       if ($request_method !~ ^(DELETE|GET|POST|PUT|OPTIONS)$) {
         return 405;
       }
-      rewrite "^/[a-z0-9]{32}/geode/(.*)" /$1 break;
+      rewrite "^/geode/(.*)" /$1 break;
       proxy_pass http://localhost:5000;
       proxy_http_version 1.1;
       proxy_set_header Host $host;
@@ -28,11 +28,11 @@ http {
       proxy_set_header X-Forwarded-Proto $scheme;
     }
 
-    location ~ "^/[a-z0-9]{32}/viewer/" {
+    location ~ "^/viewer/" {
       if ($request_method !~ ^(GET|POST|OPTIONS)$) {
         return 405;
       }
-      rewrite "^/[a-z0-9]{32}/viewer/(.*)" /$1 break;
+      rewrite "^/viewer/(.*)" /$1 break;
       proxy_pass http://localhost:1234;
       proxy_http_version 1.1;
       proxy_set_header Host $host;

From e25de9f22d9ce7f491dad4b7c90a8dd6e8d6d6c5 Mon Sep 17 00:00:00 2001
From: Arnaud Botella <arnaud.botella@geode-solutions.com>
Date: Thu, 12 Mar 2026 16:30:58 +0100
Subject: [PATCH 4/4] check origins

---
 nginx.conf | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/nginx.conf b/nginx.conf
index b2d6120..6b7e435 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -2,6 +2,11 @@ events {
   worker_connections 1024;
 }
 
+map $http_origin $allow_origin {
+    ~^https://(.*\.)?geode-solutions\.com$  $http_origin;
+    default                                  "";
+}
+
 http {
   # Nginx will handle gzip compression of responses from the app server
   gzip on;
@@ -14,6 +19,10 @@ http {
     server_name localhost;
 
     client_max_body_size 0;
+    
+    add_header Access-Control-Allow-Origin $allow_origin;
+    add_header Access-Control-Allow-Credentials true;
+    add_header Vary Origin;
 
     location ~ "^/geode/" {
       if ($request_method !~ ^(DELETE|GET|POST|PUT|OPTIONS)$) {