From 192d457c8754fbb1f0a7d40dae378e0f444247d9 Mon Sep 17 00:00:00 2001 From: Yury Kossakovsky Date: Tue, 30 Dec 2025 16:21:26 -0700 Subject: [PATCH] fix(gost): add nocodb to no_proxy bypass list n8n couldn't connect to nocodb via internal hostname when gost proxy is enabled. also ensures gost_no_proxy is updated from template on system updates. --- .env.example | 2 +- scripts/03_generate_secrets.sh | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/.env.example b/.env.example index 49164f9..4f40332 100644 --- a/.env.example +++ b/.env.example @@ -432,7 +432,7 @@ GOST_PROXY_URL= GOST_UPSTREAM_PROXY= # Internal services bypass list (prevents internal Docker traffic from going through proxy) -GOST_NO_PROXY=localhost,127.0.0.1,postgres,redis,caddy,ollama,neo4j,qdrant,weaviate,clickhouse,minio,searxng,crawl4ai,gotenberg,langfuse-web,langfuse-worker,flowise,n8n,n8n-import,n8n-worker-1,n8n-worker-2,n8n-worker-3,n8n-worker-4,n8n-worker-5,n8n-worker-6,n8n-worker-7,n8n-worker-8,n8n-worker-9,n8n-worker-10,n8n-runner-1,n8n-runner-2,n8n-runner-3,n8n-runner-4,n8n-runner-5,n8n-runner-6,n8n-runner-7,n8n-runner-8,n8n-runner-9,n8n-runner-10,letta,lightrag,docling,postiz,ragflow,ragflow-mysql,ragflow-minio,ragflow-redis,ragflow-elasticsearch,ragapp,open-webui,comfyui,waha,libretranslate,paddleocr,gost +GOST_NO_PROXY=localhost,127.0.0.1,postgres,redis,caddy,ollama,neo4j,qdrant,weaviate,clickhouse,minio,searxng,crawl4ai,gotenberg,langfuse-web,langfuse-worker,flowise,n8n,n8n-import,n8n-worker-1,n8n-worker-2,n8n-worker-3,n8n-worker-4,n8n-worker-5,n8n-worker-6,n8n-worker-7,n8n-worker-8,n8n-worker-9,n8n-worker-10,n8n-runner-1,n8n-runner-2,n8n-runner-3,n8n-runner-4,n8n-runner-5,n8n-runner-6,n8n-runner-7,n8n-runner-8,n8n-runner-9,n8n-runner-10,letta,lightrag,docling,postiz,ragflow,ragflow-mysql,ragflow-minio,ragflow-redis,ragflow-elasticsearch,ragapp,open-webui,comfyui,waha,libretranslate,paddleocr,nocodb,gost ############ # Functions - Configuration for Functions diff --git a/scripts/03_generate_secrets.sh b/scripts/03_generate_secrets.sh index 95a6898..c49a818 100755 --- a/scripts/03_generate_secrets.sh +++ b/scripts/03_generate_secrets.sh @@ -550,6 +550,13 @@ else _update_or_add_env_var "GOST_PROXY_URL" "" fi +# Update GOST_NO_PROXY from template to ensure all internal services are included +# This overwrites user's value to guarantee new services added in updates are included +template_no_proxy=$(grep -E "^GOST_NO_PROXY=" "$TEMPLATE_FILE" 2>/dev/null | cut -d'=' -f2- | tr -d '"' || echo "") +if [[ -n "$template_no_proxy" ]]; then + _update_or_add_env_var "GOST_NO_PROXY" "$template_no_proxy" +fi + # Hash passwords using caddy with bcrypt (consolidated loop) SERVICES_NEEDING_HASH=("PROMETHEUS" "SEARXNG" "COMFYUI" "PADDLEOCR" "RAGAPP" "LT" "DOCLING" "WELCOME")