deploy/caddy/nohype.caddy

@@ -1,23 +1,26 @@
-nohypeai.net, www.nohypeai.net {
+www.nohypeai.net {
-  encode gzip zstd
+	redir https://nohypeai.net{uri} permanent
-
+}
-  header {
+
-    X-Content-Type-Options nosniff
+nohypeai.net {
-    X-Frame-Options DENY
+	encode gzip zstd
-    Referrer-Policy strict-origin-when-cross-origin
+
-    Permissions-Policy "geolocation=(), microphone=(), camera=()"
+	header {
-    X-Forwarded-Proto https
+		X-Content-Type-Options nosniff
-  }
+		Referrer-Policy strict-origin-when-cross-origin
-
+		Permissions-Policy "geolocation=(), microphone=(), camera=()"
-  handle_path /static/* {
+		X-Forwarded-Proto https
-    root * /srv/sum/nohype/static
+	}
-    file_server
+
-  }
+	handle_path /static/* {
-
+		root * /srv/sum/nohype/static
-  handle_path /media/* {
+		file_server
-    root * /srv/sum/nohype/media
+	}
-    file_server
+
-  }
+	handle_path /media/* {
-
+		root * /srv/sum/nohype/media
-  reverse_proxy localhost:8001
+		file_server
+	}
+
+	reverse_proxy localhost:8001
 }

deploy/entrypoint.prod.sh

@@ -7,11 +7,16 @@ python manage.py migrate --noinput
 python manage.py collectstatic --noinput
 python manage.py update_index
 
-# Set Wagtail site hostname from first entry in ALLOWED_HOSTS
+# Set Wagtail site hostname from WAGTAILADMIN_BASE_URL when available.
+# This keeps preview/page URLs on the same origin as the admin host.
 python manage.py shell -c "
 from wagtail.models import Site
 import os
-hostname = os.environ.get('ALLOWED_HOSTS', 'localhost').split(',')[0].strip()
+from urllib.parse import urlparse
+
+admin_base = os.environ.get('WAGTAILADMIN_BASE_URL', '').strip()
+parsed = urlparse(admin_base) if admin_base else None
+hostname = parsed.hostname if parsed and parsed.hostname else os.environ.get('ALLOWED_HOSTS', 'localhost').split(',')[0].strip()
 Site.objects.update(hostname=hostname, port=443, site_name='No Hype AI')
 "