-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathnext.config.ts
More file actions
42 lines (38 loc) · 1.61 KB
/
Copy pathnext.config.ts
File metadata and controls
42 lines (38 loc) · 1.61 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
import type { NextConfig } from 'next'
// IMPORTANT: NEXT_SERVER_ACTIONS_ENCRYPTION_KEY must be set in production env
// (Dokploy). Without it, every build mints a fresh key and any client that
// still has the previous bundle cached throws:
// Error: Failed to find Server Action "x". This request might be from an
// older or newer deployment.
//
// Generate with: openssl rand -base64 32
// The same value must be reused across redeploys (set it once, never rotate
// unless you also want to invalidate every in-flight client session).
if (process.env.NODE_ENV === 'production' && !process.env.NEXT_SERVER_ACTIONS_ENCRYPTION_KEY) {
console.warn(
'[docs] NEXT_SERVER_ACTIONS_ENCRYPTION_KEY is not set — Server Action IDs will rotate on every build, ' +
'causing "Failed to find Server Action" errors for clients with cached bundles. ' +
'Generate one with `openssl rand -base64 32` and set it in the deployment env.'
)
}
const securityHeaders = [
{ key: 'Strict-Transport-Security', value: 'max-age=31536000; includeSubDomains' },
{ key: 'X-Content-Type-Options', value: 'nosniff' },
{ key: 'X-Frame-Options', value: 'SAMEORIGIN' },
{ key: 'Referrer-Policy', value: 'strict-origin-when-cross-origin' },
{
key: 'Permissions-Policy',
value: 'camera=(), microphone=(), geolocation=(), browsing-topics=()',
},
{
key: 'Content-Security-Policy',
value: "frame-ancestors 'self'; base-uri 'self'; object-src 'none'",
},
]
const nextConfig: NextConfig = {
reactStrictMode: true,
async headers() {
return [{ source: '/:path*', headers: securityHeaders }]
},
}
export default nextConfig