danieldaum.net / kaneo
kaneo (minimalist kanban) fork to experiment adding a tangled integration github.com/usekaneo/kaneo
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

feat(nginx): update well-known endpoints to serve MCP OAuth discovery JSON

Andrej f8df3384 7b1d17b1

+20 -8
+9 -5
apps/web/env.sh
··· 14 14 # Also check for the escaped version which might appear in some files 15 15 find /usr/share/nginx/html -type f -name "*.js" -exec grep -l "\"KANEO_API_URL\"" {} \; | xargs -r sed -i "s#\"KANEO_API_URL\"#\"$KANEO_API_URL\"#g" 16 16 17 - # Replace placeholder in nginx config so /.well-known proxies to the API 18 - sed -i "s#KANEO_API_URL_PLACEHOLDER#$KANEO_API_URL#g" /etc/nginx/conf.d/default.conf 17 + # Build MCP OAuth discovery JSON for nginx to serve at /.well-known 18 + BASE_URL=$(echo "$KANEO_API_URL" | sed 's#/api/*$##') 19 + PRM_JSON="{\"resource\":\"${BASE_URL}/api/mcp\",\"authorization_servers\":[\"${BASE_URL}/api\"]}" 20 + AS_JSON="{\"issuer\":\"${BASE_URL}/api\",\"authorization_endpoint\":\"${BASE_URL}/api/mcp/authorize\",\"token_endpoint\":\"${BASE_URL}/api/mcp/token\",\"registration_endpoint\":\"${BASE_URL}/api/mcp/register\",\"response_types_supported\":[\"code\"],\"grant_types_supported\":[\"authorization_code\"],\"code_challenge_methods_supported\":[\"S256\"],\"token_endpoint_auth_methods_supported\":[\"none\"]}" 21 + sed -i "s#MCP_PRM_JSON_PLACEHOLDER#$PRM_JSON#g" /etc/nginx/conf.d/default.conf 22 + sed -i "s#MCP_AS_JSON_PLACEHOLDER#$AS_JSON#g" /etc/nginx/conf.d/default.conf 19 23 20 24 echo "✅ Replaced KANEO_API_URL with $KANEO_API_URL" 21 25 else 22 26 echo "WARNING: KANEO_API_URL environment variable is not set. API calls may fail." 23 - # Replace proxy block with 404 so nginx doesn't fail on missing upstream 24 - sed -i 's#proxy_pass KANEO_API_URL_PLACEHOLDER;#return 404;#g' /etc/nginx/conf.d/default.conf 25 - sed -i '/proxy_set_header.*Host/d;/proxy_set_header.*Forwarded/d' /etc/nginx/conf.d/default.conf 27 + # No API URL — remove MCP placeholders so nginx doesn't serve broken JSON 28 + sed -i "s#MCP_PRM_JSON_PLACEHOLDER#{}#g" /etc/nginx/conf.d/default.conf 29 + sed -i "s#MCP_AS_JSON_PLACEHOLDER#{}#g" /etc/nginx/conf.d/default.conf 26 30 fi 27 31 28 32 # Process KANEO_CLIENT_URL efficiently
+11 -3
apps/web/nginx.conf
··· 16 16 gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; 17 17 gzip_comp_level 6; 18 18 19 + location = /.well-known/oauth-protected-resource/api/mcp { 20 + default_type application/json; 21 + return 200 'MCP_PRM_JSON_PLACEHOLDER'; 22 + } 23 + 24 + location = /.well-known/oauth-authorization-server/api { 25 + default_type application/json; 26 + return 200 'MCP_AS_JSON_PLACEHOLDER'; 27 + } 28 + 19 29 location /.well-known/ { 20 - proxy_pass KANEO_API_URL_PLACEHOLDER; 21 - proxy_set_header Host $host; 22 - proxy_set_header X-Forwarded-Proto $scheme; 30 + return 404; 23 31 } 24 32 25 33 # Root location