Michele/leopost
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
64a4a5fcbc759207109d9507528e89d9f8a3ae50
leopost/CLAUDE.md
Michele 64a4a5fcbc Add project documentation with deployment lessons learned 
- Document nginx buffer configuration for Supabase Auth OAuth
- Document Next.js basePath/trailingSlash configuration
- Document middleware matcher best practices
- Add useful commands and current phase status

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-01-31 20:13:25 +01:00

4.7 KiB
Raw Blame History

Leopost - Note di Progetto

Panoramica

Social media manager potenziato dall'AI. Gestisce post su multiple piattaforme social.

URL Live: https://lab.mlhub.it/leopost/ Repository: https://git.mlhub.it/Michele/leopost Supabase Project: cizyzbdylxxjjhgnvyub

Stack Tecnico

  • Frontend: Next.js 16 con App Router
  • Auth: Supabase Auth (Email/Password + Google OAuth)
  • Database: Supabase Cloud PostgreSQL
  • Deployment: Docker su VPS con nginx reverse proxy

Configurazione Critica

Next.js per Subpath Deployment

// next.config.ts
const nextConfig: NextConfig = {
  basePath: '/leopost',
  trailingSlash: true,
};

Variabili Ambiente (.env su VPS)

SUPABASE_URL=https://cizyzbdylxxjjhgnvyub.supabase.co
SUPABASE_ANON_KEY=...
SUPABASE_SERVICE_ROLE_KEY=...
APP_URL=https://lab.mlhub.it/leopost

Problemi Riscontrati e Soluzioni

1. Build OOM (Out of Memory)

Problema: Build Next.js killed durante npm run build con 512MB RAM limit. Soluzione: Aumentare memory limit in docker-compose.yml a 1024MB.

2. Redirect Loop HTTP/HTTPS

Problema: /leopost senza trailing slash causava loop redirect e downgrade a HTTP. Soluzione:

  • Aggiungere trailingSlash: true in next.config.ts
  • Aggiungere location esplicita in nginx:
location = /leopost {
    return 301 https://$host/leopost/;
}

3. Middleware Intercetta Tutte le Route

Problema: Homepage bianca perché il middleware Next.js intercettava anche le pagine statiche. Soluzione: Limitare il matcher del middleware solo alle route che richiedono auth check:

export const config = {
  matcher: [
    '/dashboard/:path*',
    '/settings/:path*',
    '/subscription/:path*',
    '/login',
    '/login/',
    '/register',
    '/register/',
  ],
}

NON includere: /, /auth/:path*, pagine statiche pubbliche.

4. OAuth 502 Bad Gateway - Header Troppo Grandi (CRITICO)

Problema: Google OAuth callback restituiva 502 Bad Gateway. Causa: Supabase Auth setta cookie JWT molto grandi (~4KB) nella risposta. I buffer nginx di default sono troppo piccoli.

Soluzione - ENTRAMBI i livelli nginx richiedono configurazione:

A) lab-router (/opt/lab-router/projects/leopost.conf):

location /leopost/ {
    proxy_pass http://lab-leopost-app:3000;
    proxy_http_version 1.1;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header Connection "";

    # CRITICO per Supabase Auth
    proxy_buffer_size 256k;
    proxy_buffers 8 256k;
    proxy_busy_buffers_size 512k;
}

B) NPM (Nginx Proxy Manager) - file /data/nginx/custom/server_proxy.conf:

# Large buffer sizes for Supabase Auth JWT cookies
proxy_buffer_size 256k;
proxy_buffers 8 256k;
proxy_busy_buffers_size 512k;

Importante: Il 502 può venire da ENTRAMBI i nginx nella catena:

Browser → NPM → lab-router → app

Se solo lab-router ha i buffer grandi ma NPM no, il 502 viene da NPM.

5. OAuth Redirect URL Errati

Problema: Dopo Google auth, redirect a localhost o URL senza basePath. Soluzione: Usare NEXT_PUBLIC_APP_URL per costruire redirect URL dinamici:

// src/app/auth/callback/route.ts
const baseUrl = process.env.NEXT_PUBLIC_APP_URL || 'https://lab.mlhub.it/leopost'
return NextResponse.redirect(`${baseUrl}${next}`)

Configurazione Supabase Dashboard

Authentication > URL Configuration

  • Site URL: https://lab.mlhub.it/leopost
  • Redirect URLs:
    • https://lab.mlhub.it/leopost/auth/callback
    • https://lab.mlhub.it/leopost/auth/callback/

Authentication > Providers > Google

  • Abilitare Google provider
  • Configurare Client ID e Client Secret da Google Cloud Console
  • Authorized redirect URI in Google: https://cizyzbdylxxjjhgnvyub.supabase.co/auth/v1/callback

Comandi Utili

# Deploy aggiornamenti
cd "D:\Michele\Progetti\Claude\VPS echosystem\lab\leopost"
git add . && git commit -m "Update" && git push origin main
ssh mic@72.62.49.98 "cd /opt/lab-leopost && git pull && docker compose restart"

# Verificare log container
ssh mic@72.62.49.98 "docker logs --tail 50 lab-leopost-app"

# Verificare log nginx lab-router
ssh mic@72.62.49.98 "docker logs --tail 50 lab-router"

# Verificare log NPM (per errori 502)
ssh mic@72.62.49.98 "docker exec nginx-proxy-app-1 tail -30 /data/logs/proxy-host-8_error.log"

Stato Fasi

  • Fase 1: Autenticazione (Email/Password + Google OAuth)
  • Fase 2: Dashboard e gestione account social
  • Fase 3: Creazione e scheduling post
  • Fase 4: Integrazione AI per generazione contenuti
Reference in New Issue View Git Blame Copy Permalink