From 71ed2aecb106017006a2cb2ebfe922dfc446b539 Mon Sep 17 00:00:00 2001
From: Georg Krause <mail@georg-krause.net>
Date: Fri, 16 Jun 2023 16:09:32 +0200
Subject: [PATCH] fix: Make sure the old embed URLs are still working

Part-of: <https://dev.funkwhale.audio/funkwhale/funkwhale/-/merge_requests/2489>
---
 changes/changelog.d/2159.bugfix      | 1 +
 deploy/nginx.template                | 2 +-
 docker/nginx/conf.dev                | 4 ++--
 front/docker/funkwhale.conf.template | 2 +-
 4 files changed, 5 insertions(+), 4 deletions(-)
 create mode 100644 changes/changelog.d/2159.bugfix

diff --git a/changes/changelog.d/2159.bugfix b/changes/changelog.d/2159.bugfix
new file mode 100644
index 000000000..fca0c9dfb
--- /dev/null
+++ b/changes/changelog.d/2159.bugfix
@@ -0,0 +1 @@
+Make sure embed codes generated before 1.3.0 are still working
diff --git a/deploy/nginx.template b/deploy/nginx.template
index 60a7b9b19..5ba2ccfa1 100644
--- a/deploy/nginx.template
+++ b/deploy/nginx.template
@@ -96,7 +96,7 @@ server {
         try_files $uri $uri/ /index.html;
     }
 
-    location = /embed.html {
+    location ~ "/(front/)?embed.html" {
         add_header Content-Security-Policy "connect-src https: http: 'self'; default-src 'self'; script-src 'self' unpkg.com 'unsafe-inline' 'unsafe-eval'; style-src https: http: 'self' 'unsafe-inline'; img-src https: http: 'self' data:; font-src https: http: 'self' data:; object-src 'none'; media-src https: http: 'self' data:";
         add_header Referrer-Policy "strict-origin-when-cross-origin";
 
diff --git a/docker/nginx/conf.dev b/docker/nginx/conf.dev
index 6587d81a5..1270aa764 100644
--- a/docker/nginx/conf.dev
+++ b/docker/nginx/conf.dev
@@ -88,11 +88,11 @@ http {
             expires 1d;
         }
 
-        location = /embed.html {
+        location ~ "/(front/)?embed.html" {
             add_header Content-Security-Policy "connect-src https: http: 'self'; default-src 'self'; script-src 'self' unpkg.com 'unsafe-inline' 'unsafe-eval'; style-src https: http: 'self' 'unsafe-inline'; img-src https: http: 'self' data:; font-src https: http: 'self' data:; object-src 'none'; media-src https: http: 'self' data:";
             add_header Referrer-Policy "strict-origin-when-cross-origin";
 
-            proxy_pass   http://funkwhale-front;
+            proxy_pass   http://funkwhale-front/embed.html;
             expires 1d;
         }
 
diff --git a/front/docker/funkwhale.conf.template b/front/docker/funkwhale.conf.template
index 3e45379b4..af2fac74d 100644
--- a/front/docker/funkwhale.conf.template
+++ b/front/docker/funkwhale.conf.template
@@ -61,7 +61,7 @@ server {
         try_files $uri $uri/ /index.html;
     }
 
-    location = /embed.html {
+    location ~ "/(front/)?embed.html" {
         add_header Content-Security-Policy "connect-src https: http: 'self'; default-src 'self'; script-src 'self' unpkg.com 'unsafe-inline' 'unsafe-eval'; style-src https: http: 'self' 'unsafe-inline'; img-src https: http: 'self' data:; font-src https: http: 'self' data:; object-src 'none'; media-src https: http: 'self' data:";
         add_header Referrer-Policy "strict-origin-when-cross-origin";