feat: support reverse proxy path prefix deployments (#257)

* feat: support reverse proxy path prefixes * fix: respect BASE_URL in SAML callback fallback * fix: make BASE_URL runtime configurable
2026-04-10 13:08:13 +03:00 · 2026-04-09 12:32:59 +05:30
parent c87513b648
commit 01a3b08dac
58 changed files with 552 additions and 114 deletions
--- a/.env.example
+++ b/.env.example
@@ -9,6 +9,8 @@
 NODE_ENV=production
 HOST=0.0.0.0
 PORT=4321
+# Optional application base path (use "/" for root, or "/mirror" for subpath deployments)
+BASE_URL=/

 # Database Configuration
 # For self-hosted, SQLite is used by default
@@ -31,6 +33,12 @@ BETTER_AUTH_URL=http://localhost:4321
 #   PUBLIC_BETTER_AUTH_URL=https://gitea-mirror.example.com
 #   BETTER_AUTH_TRUSTED_ORIGINS=https://gitea-mirror.example.com
 #
+# If your app is served from a path prefix (e.g. https://git.example.com/mirror), set:
+#   BASE_URL=/mirror
+#   BETTER_AUTH_URL=https://git.example.com
+#   PUBLIC_BETTER_AUTH_URL=https://git.example.com
+#   BETTER_AUTH_TRUSTED_ORIGINS=https://git.example.com
+#
 # BETTER_AUTH_URL            - Used server-side for auth callbacks and redirects
 # PUBLIC_BETTER_AUTH_URL     - Used client-side (browser) for auth API calls
 # BETTER_AUTH_TRUSTED_ORIGINS - Comma-separated list of origins allowed to make auth requests