Skip to content

Commit d869e15

Browse files
azvoleffazvoleff
committed
Clarify API_URL variables
1 parent 80f0b02 commit d869e15

File tree

7 files changed

+114
-105
lines changed

7 files changed

+114
-105
lines changed

.env.example

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,14 @@ CORS_ORIGINS=http://localhost:3000,http://localhost:8080
3434
# REQUIRED: API configuration for trends.earth-Environment integration
3535
API_ENVIRONMENT_USER=your_api_automation_user
3636
API_ENVIRONMENT_USER_PASSWORD=your_api_automation_password
37-
API_URL=your_api_url
37+
38+
# REQUIRED: Public API URL for emails (password reset links, welcome emails, etc.)
39+
# This should be the externally-accessible URL that users can reach
40+
API_PUBLIC_URL=https://api.trends.earth
41+
42+
# OPTIONAL: Internal API URL for execution containers (bypasses rate limiting)
43+
# Only needed if containers should use a different URL than the public one
44+
API_INTERNAL_URL=http://api:3000
3845

3946
# =============================================================================
4047
# DATABASE CONFIGURATION

.github/workflows/codedeploy_production.yml

Lines changed: 45 additions & 44 deletions
Original file line numberDiff line numberDiff line change
@@ -175,7 +175,7 @@ jobs:
175175
# Rollbar
176176
ROLLBAR_SCRIPT_TOKEN: ${{ secrets.ROLLBAR_SCRIPT_TOKEN }}
177177
ROLLBAR_SERVER_TOKEN: ${{ secrets.ROLLBAR_SERVER_TOKEN }}
178-
API_URL: ${{ vars.PRODUCTION_API_URL }}
178+
API_PUBLIC_URL: ${{ vars.PRODUCTION_API_PUBLIC_URL }}
179179
# S3 Configuration
180180
SCRIPTS_S3_BUCKET: ${{ vars.SCRIPTS_S3_BUCKET }}
181181
SCRIPTS_S3_PREFIX: ${{ vars.PRODUCTION_SCRIPTS_S3_PREFIX || 'api-files/scripts/production' }}
@@ -203,80 +203,81 @@ jobs:
203203
run: |
204204
# Generate prod.env with secrets from GitHub
205205
# This file is included in the deployment package and copied to the server
206+
# All values are single-quoted to prevent shell interpretation of special characters
206207
{
207208
echo "# Generated by GitHub Actions"
208209
echo "# Commit: ${{ github.sha }}"
209210
echo ""
210211
echo "# ECR Images (pre-built in CI)"
211-
echo "ECR_REGISTRY=$ECR_REGISTRY"
212-
echo "API_IMAGE=$API_IMAGE"
212+
echo "ECR_REGISTRY='$ECR_REGISTRY'"
213+
echo "API_IMAGE='$API_IMAGE'"
213214
echo ""
214215
echo "# Environment"
215-
echo "ENVIRONMENT=production"
216-
echo "DEBUG=False"
217-
echo "TESTING=false"
216+
echo "ENVIRONMENT='production'"
217+
echo "DEBUG='False'"
218+
echo "TESTING='false'"
218219
echo ""
219220
echo "# Flask/API Configuration"
220-
echo "SECRET_KEY=$SECRET_KEY"
221-
echo "JWT_SECRET_KEY=$JWT_SECRET_KEY"
222-
echo "API_ENVIRONMENT_USER=$API_ENVIRONMENT_USER"
223-
echo "API_ENVIRONMENT_USER_PASSWORD=$API_ENVIRONMENT_USER_PASSWORD"
221+
echo "SECRET_KEY='$SECRET_KEY'"
222+
echo "JWT_SECRET_KEY='$JWT_SECRET_KEY'"
223+
echo "API_ENVIRONMENT_USER='$API_ENVIRONMENT_USER'"
224+
echo "API_ENVIRONMENT_USER_PASSWORD='$API_ENVIRONMENT_USER_PASSWORD'"
224225
echo ""
225226
echo "# Database Configuration"
226-
echo "DATABASE_URL=$DATABASE_URL"
227+
echo "DATABASE_URL='$DATABASE_URL'"
227228
echo ""
228229
echo "# Redis Configuration (uses stack Redis service)"
229-
echo "REDIS_URL=redis://redis:6379/0"
230+
echo "REDIS_URL='redis://redis:6379/0'"
230231
echo ""
231232
echo "# Rate Limiting"
232-
echo "RATE_LIMITING_ENABLED=$RATE_LIMITING_ENABLED"
233-
echo "RATE_LIMIT_STORAGE_URI=redis://redis:6379/1"
234-
echo "DEFAULT_LIMITS=$RATE_LIMIT_DEFAULT_LIMITS"
235-
echo "API_LIMITS=$RATE_LIMIT_API_LIMITS"
236-
echo "AUTH_LIMITS=$RATE_LIMIT_AUTH_LIMITS"
237-
echo "PASSWORD_RESET_LIMITS=$RATE_LIMIT_PASSWORD_RESET_LIMITS"
238-
echo "USER_CREATION_LIMITS=$RATE_LIMIT_USER_CREATION_LIMITS"
239-
echo "EXECUTION_RUN_LIMITS=$RATE_LIMIT_EXECUTION_RUN_LIMITS"
240-
echo "TRUSTED_PROXY_COUNT=$RATE_LIMIT_TRUSTED_PROXY_COUNT"
241-
echo "INTERNAL_NETWORKS=$RATE_LIMIT_INTERNAL_NETWORKS"
233+
echo "RATE_LIMITING_ENABLED='$RATE_LIMITING_ENABLED'"
234+
echo "RATE_LIMIT_STORAGE_URI='redis://redis:6379/1'"
235+
echo "DEFAULT_LIMITS='$RATE_LIMIT_DEFAULT_LIMITS'"
236+
echo "API_LIMITS='$RATE_LIMIT_API_LIMITS'"
237+
echo "AUTH_LIMITS='$RATE_LIMIT_AUTH_LIMITS'"
238+
echo "PASSWORD_RESET_LIMITS='$RATE_LIMIT_PASSWORD_RESET_LIMITS'"
239+
echo "USER_CREATION_LIMITS='$RATE_LIMIT_USER_CREATION_LIMITS'"
240+
echo "EXECUTION_RUN_LIMITS='$RATE_LIMIT_EXECUTION_RUN_LIMITS'"
241+
echo "TRUSTED_PROXY_COUNT='$RATE_LIMIT_TRUSTED_PROXY_COUNT'"
242+
echo "INTERNAL_NETWORKS='$RATE_LIMIT_INTERNAL_NETWORKS'"
242243
echo ""
243244
echo "# Google Earth Engine"
244-
echo "EE_SERVICE_ACCOUNT_JSON=$EE_SERVICE_ACCOUNT_JSON"
245-
echo "GOOGLE_PROJECT_ID=$GOOGLE_PROJECT_ID"
246-
echo "GEE_ENDPOINT=$GEE_ENDPOINT"
247-
echo "GOOGLE_OAUTH_CLIENT_ID=$GOOGLE_OAUTH_CLIENT_ID"
248-
echo "GOOGLE_OAUTH_CLIENT_SECRET=$GOOGLE_OAUTH_CLIENT_SECRET"
249-
echo "GOOGLE_OAUTH_REDIRECT_URI=$GOOGLE_OAUTH_REDIRECT_URI"
245+
echo "EE_SERVICE_ACCOUNT_JSON='$EE_SERVICE_ACCOUNT_JSON'"
246+
echo "GOOGLE_PROJECT_ID='$GOOGLE_PROJECT_ID'"
247+
echo "GEE_ENDPOINT='$GEE_ENDPOINT'"
248+
echo "GOOGLE_OAUTH_CLIENT_ID='$GOOGLE_OAUTH_CLIENT_ID'"
249+
echo "GOOGLE_OAUTH_CLIENT_SECRET='$GOOGLE_OAUTH_CLIENT_SECRET'"
250+
echo "GOOGLE_OAUTH_REDIRECT_URI='$GOOGLE_OAUTH_REDIRECT_URI'"
250251
echo ""
251252
echo "# Rollbar Error Tracking"
252-
echo "ROLLBAR_SCRIPT_TOKEN=$ROLLBAR_SCRIPT_TOKEN"
253-
echo "ROLLBAR_SERVER_TOKEN=$ROLLBAR_SERVER_TOKEN"
253+
echo "ROLLBAR_SCRIPT_TOKEN='$ROLLBAR_SCRIPT_TOKEN'"
254+
echo "ROLLBAR_SERVER_TOKEN='$ROLLBAR_SERVER_TOKEN'"
254255
echo ""
255256
echo "# API URLs"
256-
echo "API_URL=$API_URL"
257-
echo "API_INTERNAL_URL=http://api:3000"
257+
echo "API_PUBLIC_URL='$API_PUBLIC_URL'"
258+
echo "API_INTERNAL_URL='http://api:3000'"
258259
echo ""
259260
echo "# S3 Configuration (uses EC2 instance role for credentials)"
260-
echo "SCRIPTS_S3_BUCKET=$SCRIPTS_S3_BUCKET"
261-
echo "SCRIPTS_S3_PREFIX=$SCRIPTS_S3_PREFIX"
262-
echo "PARAMS_S3_BUCKET=$PARAMS_S3_BUCKET"
263-
echo "PARAMS_S3_PREFIX=$PARAMS_S3_PREFIX"
261+
echo "SCRIPTS_S3_BUCKET='$SCRIPTS_S3_BUCKET'"
262+
echo "SCRIPTS_S3_PREFIX='$SCRIPTS_S3_PREFIX'"
263+
echo "PARAMS_S3_BUCKET='$PARAMS_S3_BUCKET'"
264+
echo "PARAMS_S3_PREFIX='$PARAMS_S3_PREFIX'"
264265
echo ""
265266
echo "# Docker Configuration"
266-
echo "REGISTRY_URL=$REGISTRY_URL"
267-
echo "DOCKER_SUBNET=$DOCKER_SUBNET"
268-
echo "EXECUTION_SUBNET=$EXECUTION_SUBNET"
267+
echo "REGISTRY_URL='$REGISTRY_URL'"
268+
echo "DOCKER_SUBNET='$DOCKER_SUBNET'"
269+
echo "EXECUTION_SUBNET='$EXECUTION_SUBNET'"
269270
echo ""
270271
echo "# Email Configuration (SparkPost)"
271-
echo "SPARKPOST_API_KEY=$SPARKPOST_API_KEY"
272+
echo "SPARKPOST_API_KEY='$SPARKPOST_API_KEY'"
272273
echo ""
273274
echo "# CORS Configuration"
274-
echo "CORS_ORIGINS=$CORS_ORIGINS"
275+
echo "CORS_ORIGINS='$CORS_ORIGINS'"
275276
echo ""
276277
echo "# Deployment info"
277-
echo "GIT_REVISION=${{ github.sha }}"
278-
echo "GIT_BRANCH=${{ github.ref_name }}"
279-
echo "DEPLOYMENT_ENVIRONMENT=production"
278+
echo "GIT_REVISION='${{ github.sha }}'"
279+
echo "GIT_BRANCH='${{ github.ref_name }}'"
280+
echo "DEPLOYMENT_ENVIRONMENT='production'"
280281
} > prod.env
281282
echo "✅ Created prod.env with $(wc -l < prod.env) lines"
282283

.github/workflows/codedeploy_staging.yml

Lines changed: 52 additions & 51 deletions
Original file line numberDiff line numberDiff line change
@@ -175,7 +175,7 @@ jobs:
175175
# Rollbar
176176
ROLLBAR_SCRIPT_TOKEN: ${{ secrets.ROLLBAR_SCRIPT_TOKEN }}
177177
ROLLBAR_SERVER_TOKEN: ${{ secrets.ROLLBAR_SERVER_TOKEN }}
178-
API_URL: ${{ vars.STAGING_API_URL }}
178+
API_PUBLIC_URL: ${{ vars.STAGING_API_PUBLIC_URL }}
179179
# S3 Configuration
180180
SCRIPTS_S3_BUCKET: ${{ vars.SCRIPTS_S3_BUCKET }}
181181
SCRIPTS_S3_PREFIX: ${{ vars.STAGING_SCRIPTS_S3_PREFIX || 'api-files/scripts/staging' }}
@@ -213,91 +213,92 @@ jobs:
213213
run: |
214214
# Generate staging.env with secrets from GitHub
215215
# This file is included in the deployment package and copied to the server
216+
# All values are single-quoted to prevent shell interpretation of special characters
216217
{
217218
echo "# Generated by GitHub Actions"
218219
echo "# Commit: ${{ github.sha }}"
219220
echo ""
220221
echo "# ECR Images (pre-built in CI)"
221-
echo "ECR_REGISTRY=$ECR_REGISTRY"
222-
echo "API_IMAGE=$API_IMAGE"
222+
echo "ECR_REGISTRY='$ECR_REGISTRY'"
223+
echo "API_IMAGE='$API_IMAGE'"
223224
echo ""
224225
echo "# Environment"
225-
echo "ENVIRONMENT=staging"
226-
echo "DEBUG=False"
227-
echo "TESTING=false"
226+
echo "ENVIRONMENT='staging'"
227+
echo "DEBUG='False'"
228+
echo "TESTING='false'"
228229
echo ""
229230
echo "# Flask/API Configuration"
230-
echo "SECRET_KEY=$SECRET_KEY"
231-
echo "JWT_SECRET_KEY=$JWT_SECRET_KEY"
232-
echo "API_ENVIRONMENT_USER=$API_ENVIRONMENT_USER"
233-
echo "API_ENVIRONMENT_USER_PASSWORD=$API_ENVIRONMENT_USER_PASSWORD"
231+
echo "SECRET_KEY='$SECRET_KEY'"
232+
echo "JWT_SECRET_KEY='$JWT_SECRET_KEY'"
233+
echo "API_ENVIRONMENT_USER='$API_ENVIRONMENT_USER'"
234+
echo "API_ENVIRONMENT_USER_PASSWORD='$API_ENVIRONMENT_USER_PASSWORD'"
234235
echo ""
235236
echo "# Database Configuration"
236-
echo "DATABASE_URL=$DATABASE_URL"
237+
echo "DATABASE_URL='$DATABASE_URL'"
237238
echo ""
238239
echo "# Redis Configuration (uses stack Redis service)"
239-
echo "REDIS_URL=redis://redis:6379/0"
240+
echo "REDIS_URL='redis://redis:6379/0'"
240241
echo ""
241242
echo "# Rate Limiting"
242-
echo "RATE_LIMITING_ENABLED=$RATE_LIMITING_ENABLED"
243-
echo "RATE_LIMIT_STORAGE_URI=redis://redis:6379/1"
244-
echo "DEFAULT_LIMITS=$RATE_LIMIT_DEFAULT_LIMITS"
245-
echo "API_LIMITS=$RATE_LIMIT_API_LIMITS"
246-
echo "AUTH_LIMITS=$RATE_LIMIT_AUTH_LIMITS"
247-
echo "PASSWORD_RESET_LIMITS=$RATE_LIMIT_PASSWORD_RESET_LIMITS"
248-
echo "USER_CREATION_LIMITS=$RATE_LIMIT_USER_CREATION_LIMITS"
249-
echo "EXECUTION_RUN_LIMITS=$RATE_LIMIT_EXECUTION_RUN_LIMITS"
250-
echo "TRUSTED_PROXY_COUNT=$RATE_LIMIT_TRUSTED_PROXY_COUNT"
251-
echo "INTERNAL_NETWORKS=$RATE_LIMIT_INTERNAL_NETWORKS"
243+
echo "RATE_LIMITING_ENABLED='$RATE_LIMITING_ENABLED'"
244+
echo "RATE_LIMIT_STORAGE_URI='redis://redis:6379/1'"
245+
echo "DEFAULT_LIMITS='$RATE_LIMIT_DEFAULT_LIMITS'"
246+
echo "API_LIMITS='$RATE_LIMIT_API_LIMITS'"
247+
echo "AUTH_LIMITS='$RATE_LIMIT_AUTH_LIMITS'"
248+
echo "PASSWORD_RESET_LIMITS='$RATE_LIMIT_PASSWORD_RESET_LIMITS'"
249+
echo "USER_CREATION_LIMITS='$RATE_LIMIT_USER_CREATION_LIMITS'"
250+
echo "EXECUTION_RUN_LIMITS='$RATE_LIMIT_EXECUTION_RUN_LIMITS'"
251+
echo "TRUSTED_PROXY_COUNT='$RATE_LIMIT_TRUSTED_PROXY_COUNT'"
252+
echo "INTERNAL_NETWORKS='$RATE_LIMIT_INTERNAL_NETWORKS'"
252253
echo ""
253254
echo "# Google Earth Engine"
254-
echo "EE_SERVICE_ACCOUNT_JSON=$EE_SERVICE_ACCOUNT_JSON"
255-
echo "GOOGLE_PROJECT_ID=$GOOGLE_PROJECT_ID"
256-
echo "GEE_ENDPOINT=$GEE_ENDPOINT"
257-
echo "GOOGLE_OAUTH_CLIENT_ID=$GOOGLE_OAUTH_CLIENT_ID"
258-
echo "GOOGLE_OAUTH_CLIENT_SECRET=$GOOGLE_OAUTH_CLIENT_SECRET"
259-
echo "GOOGLE_OAUTH_REDIRECT_URI=$GOOGLE_OAUTH_REDIRECT_URI"
255+
echo "EE_SERVICE_ACCOUNT_JSON='$EE_SERVICE_ACCOUNT_JSON'"
256+
echo "GOOGLE_PROJECT_ID='$GOOGLE_PROJECT_ID'"
257+
echo "GEE_ENDPOINT='$GEE_ENDPOINT'"
258+
echo "GOOGLE_OAUTH_CLIENT_ID='$GOOGLE_OAUTH_CLIENT_ID'"
259+
echo "GOOGLE_OAUTH_CLIENT_SECRET='$GOOGLE_OAUTH_CLIENT_SECRET'"
260+
echo "GOOGLE_OAUTH_REDIRECT_URI='$GOOGLE_OAUTH_REDIRECT_URI'"
260261
echo ""
261262
echo "# Rollbar Error Tracking"
262-
echo "ROLLBAR_SCRIPT_TOKEN=$ROLLBAR_SCRIPT_TOKEN"
263-
echo "ROLLBAR_SERVER_TOKEN=$ROLLBAR_SERVER_TOKEN"
263+
echo "ROLLBAR_SCRIPT_TOKEN='$ROLLBAR_SCRIPT_TOKEN'"
264+
echo "ROLLBAR_SERVER_TOKEN='$ROLLBAR_SERVER_TOKEN'"
264265
echo ""
265266
echo "# API URLs"
266-
echo "API_URL=$API_URL"
267-
echo "API_INTERNAL_URL=http://api:3000"
267+
echo "API_PUBLIC_URL='$API_PUBLIC_URL'"
268+
echo "API_INTERNAL_URL='http://api:3000'"
268269
echo ""
269270
echo "# S3 Configuration (uses EC2 instance role for credentials)"
270-
echo "SCRIPTS_S3_BUCKET=$SCRIPTS_S3_BUCKET"
271-
echo "SCRIPTS_S3_PREFIX=$SCRIPTS_S3_PREFIX"
272-
echo "PARAMS_S3_BUCKET=$PARAMS_S3_BUCKET"
273-
echo "PARAMS_S3_PREFIX=$PARAMS_S3_PREFIX"
271+
echo "SCRIPTS_S3_BUCKET='$SCRIPTS_S3_BUCKET'"
272+
echo "SCRIPTS_S3_PREFIX='$SCRIPTS_S3_PREFIX'"
273+
echo "PARAMS_S3_BUCKET='$PARAMS_S3_BUCKET'"
274+
echo "PARAMS_S3_PREFIX='$PARAMS_S3_PREFIX'"
274275
echo ""
275276
echo "# Docker Configuration"
276-
echo "REGISTRY_URL=$REGISTRY_URL"
277-
echo "DOCKER_SUBNET=$DOCKER_SUBNET"
278-
echo "EXECUTION_SUBNET=$EXECUTION_SUBNET"
277+
echo "REGISTRY_URL='$REGISTRY_URL'"
278+
echo "DOCKER_SUBNET='$DOCKER_SUBNET'"
279+
echo "EXECUTION_SUBNET='$EXECUTION_SUBNET'"
279280
echo ""
280281
echo "# Email Configuration (SparkPost)"
281-
echo "SPARKPOST_API_KEY=$SPARKPOST_API_KEY"
282+
echo "SPARKPOST_API_KEY='$SPARKPOST_API_KEY'"
282283
echo ""
283284
echo "# CORS Configuration"
284-
echo "CORS_ORIGINS=$CORS_ORIGINS"
285+
echo "CORS_ORIGINS='$CORS_ORIGINS'"
285286
echo ""
286287
echo "# Staging Database Setup (for migrate service)"
287288
echo "# Production database URL for copying scripts/data to staging"
288-
echo "PRODUCTION_DATABASE_URL=$PRODUCTION_DATABASE_URL"
289+
echo "PRODUCTION_DATABASE_URL='$PRODUCTION_DATABASE_URL'"
289290
echo "# Test user credentials"
290-
echo "TEST_SUPERADMIN_EMAIL=$TEST_SUPERADMIN_EMAIL"
291-
echo "TEST_SUPERADMIN_PASSWORD=$TEST_SUPERADMIN_PASSWORD"
292-
echo "TEST_ADMIN_EMAIL=$TEST_ADMIN_EMAIL"
293-
echo "TEST_ADMIN_PASSWORD=$TEST_ADMIN_PASSWORD"
294-
echo "TEST_USER_EMAIL=$TEST_USER_EMAIL"
295-
echo "TEST_USER_PASSWORD=$TEST_USER_PASSWORD"
291+
echo "TEST_SUPERADMIN_EMAIL='$TEST_SUPERADMIN_EMAIL'"
292+
echo "TEST_SUPERADMIN_PASSWORD='$TEST_SUPERADMIN_PASSWORD'"
293+
echo "TEST_ADMIN_EMAIL='$TEST_ADMIN_EMAIL'"
294+
echo "TEST_ADMIN_PASSWORD='$TEST_ADMIN_PASSWORD'"
295+
echo "TEST_USER_EMAIL='$TEST_USER_EMAIL'"
296+
echo "TEST_USER_PASSWORD='$TEST_USER_PASSWORD'"
296297
echo ""
297298
echo "# Deployment info"
298-
echo "GIT_REVISION=${{ github.sha }}"
299-
echo "GIT_BRANCH=${{ github.ref_name }}"
300-
echo "DEPLOYMENT_ENVIRONMENT=staging"
299+
echo "GIT_REVISION='${{ github.sha }}'"
300+
echo "GIT_BRANCH='${{ github.ref_name }}'"
301+
echo "DEPLOYMENT_ENVIRONMENT='staging'"
301302
} > staging.env
302303
echo "✅ Created staging.env with $(wc -l < staging.env) lines"
303304

README.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -308,7 +308,7 @@ The application uses two separate API URL configurations to handle different use
308308

309309
| Variable | Purpose | Example |
310310
|----------|---------|---------|
311-
| `API_URL` | **Public URL** for external-facing links (password reset emails, user notifications) | `https://api.trends.earth` |
311+
| `API_PUBLIC_URL` | **Public URL** for external-facing links (password reset emails, user notifications) | `https://api.trends.earth` |
312312
| `API_INTERNAL_URL` | **Internal URL** for execution containers to call back to the API (bypasses rate limiting) | `http://api:3000` |
313313

314314
**Why Two URLs?**
@@ -318,7 +318,7 @@ The application uses two separate API URL configurations to handle different use
318318
**Configuration:**
319319
```bash
320320
# In your environment file (prod.env, staging.env)
321-
API_URL=https://api.trends.earth # Public URL for emails
321+
API_PUBLIC_URL=https://api.trends.earth # Public URL for emails
322322
API_INTERNAL_URL=http://api:3000 # Internal URL for execution containers
323323
```
324324

docs/CODEDEPLOY_SETUP.md

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -217,8 +217,8 @@ Add these to GitHub Variables (Settings → Secrets and variables → Actions
217217

218218
| Variable Name | Description | Example |
219219
|---------------|-------------|---------|
220-
| `STAGING_API_URL` | Staging API base URL (public, for emails) | `https://api-staging.trends.earth` |
221-
| `PRODUCTION_API_URL` | Production API base URL (public, for emails) | `https://api.trends.earth` |
220+
| `STAGING_API_PUBLIC_URL` | Staging API base URL (public, for emails) | `https://api-staging.trends.earth` |
221+
| `PRODUCTION_API_PUBLIC_URL` | Production API base URL (public, for emails) | `https://api.trends.earth` |
222222

223223
#### Google Cloud
224224

gefapi/config/base.py

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,6 @@
1616
"logging": {"level": os.getenv("LOG_LEVEL", "INFO")},
1717
"service": {"port": 3000},
1818
"environment": {
19-
# ROLLBAR_SCRIPT_TOKEN falls back to ROLLBAR_SERVER_TOKEN for backwards compatibility
2019
"ROLLBAR_SCRIPT_TOKEN": os.getenv("ROLLBAR_SCRIPT_TOKEN")
2120
or os.getenv("ROLLBAR_SERVER_TOKEN"),
2221
"ROLLBAR_SERVER_TOKEN": os.getenv("ROLLBAR_SERVER_TOKEN"),
@@ -39,8 +38,9 @@
3938
"GOOGLE_OAUTH_TOKEN_URI", "https://oauth2.googleapis.com/token"
4039
),
4140
},
42-
# Public API_URL for emails (password reset links, etc.)
43-
"API_URL": os.getenv("API_URL"),
41+
# Public API URL for emails (password reset links, etc.)
42+
# Distinct from SETTINGS["environment"]["API_URL"] which is for internal container use
43+
"API_PUBLIC_URL": os.getenv("API_PUBLIC_URL"),
4444
"ROLES": ["SUPERADMIN", "ADMIN", "USER"],
4545
"SQLALCHEMY_DATABASE_URI": os.getenv("DATABASE_URL")
4646
or (

gefapi/services/user_service.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -248,7 +248,7 @@ def _create_user_secure(email_addr, password, role, name, country, institution):
248248
db.session.commit()
249249

250250
# Build the reset URL (points to UI, which routes to /reset-password)
251-
api_url = SETTINGS.get("API_URL", "https://api.trends.earth")
251+
api_url = SETTINGS.get("API_PUBLIC_URL", "https://api.trends.earth")
252252
reset_url = f"{api_url}/reset-password?token={reset_token.token}"
253253

254254
# Send welcome email with reset link
@@ -607,7 +607,7 @@ def _recover_password_secure(user):
607607
db.session.commit()
608608

609609
# Build the reset URL (points to UI, which routes to /reset-password)
610-
api_url = SETTINGS.get("API_URL", "https://api.trends.earth")
610+
api_url = SETTINGS.get("API_PUBLIC_URL", "https://api.trends.earth")
611611
reset_url = f"{api_url}/reset-password?token={reset_token.token}"
612612

613613
# Send email with reset link (not the password itself)

0 commit comments

Comments
 (0)