fix(caddy): allow CORS on distribution /launcher/* for launcher.json fetch

The landing page (apex origin) fetches launcher.json from the distribution
vhost cross-origin to render download buttons; add Access-Control-Allow-Origin
on /launcher/* so the browser doesn't block it. Public assets, no credentials.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
2026-06-11 02:05:54 +02:00
parent 39b9262ee9
commit db63aa7d10

View File

@@ -3,5 +3,8 @@
# /srv/distribution by the caddy service in docker-compose.yml. # /srv/distribution by the caddy service in docker-compose.yml.
http://distribution.{$BASE_DOMAIN} { http://distribution.{$BASE_DOMAIN} {
root * /srv/distribution root * /srv/distribution
# The landing page (apex origin) fetches launcher.json cross-origin to render
# the download buttons. Allow it — launcher assets are fully public, no creds.
header /launcher/* Access-Control-Allow-Origin "*"
file_server browse file_server browse
} }