#!/bin/bash set -e # 1. NETWORK & PROXY ROUTING export TRUST_PROXY="true" export EXPRESS_TRUST_PROXY="true" if [ -n "$SPACE_HOST" ]; then export NANGO_SERVER_URL="https://$SPACE_HOST" export NANGO_PUBLIC_SERVER_URL="https://$SPACE_HOST" export NANGO_PUBLIC_CONNECT_URL="https://$SPACE_HOST" export NANGO_CALLBACK_URL="https://$SPACE_HOST/oauth/callback" echo "🌐 Nango routing mapped to: $NANGO_SERVER_URL" else export NANGO_SERVER_URL="http://localhost:7860" export NANGO_PUBLIC_SERVER_URL="http://localhost:7860" export NANGO_PUBLIC_CONNECT_URL="http://localhost:7860" export NANGO_CALLBACK_URL="http://localhost:7860/oauth/callback" fi # 2. AUTH & CREDENTIALS export FLAG_AUTH_ENABLED="false" export NANGO_NO_AUTH="true" export DISABLE_AUTH="true" export NANGO_DASHBOARD_USERNAME="${NANGO_DASHBOARD_USERNAME:-admin}" export NANGO_DASHBOARD_PASSWORD="${NANGO_DASHBOARD_PASSWORD:-NangoSecurePassword2026!}" echo "🔒 Auth params injected. User: $NANGO_DASHBOARD_USERNAME" if [ -z "$NANGO_ENCRYPTION_KEY" ]; then export NANGO_ENCRYPTION_KEY="dGhpcyBpcyBhIDMyLWJ5dGUgc2VjcmV0IGtleSEhISE=" export NANGO_SECRET_KEY="dGhpcyBpcyBhIDMyLWJ5dGUgc2VjcmV0IGtleSEhISE=" echo "🔑 Default encryption keys initialized." fi # Disable TLS cert verification globally — Supabase pooler uses # an intermediate cert that Node rejects as self-signed export NODE_TLS_REJECT_UNAUTHORIZED="0" # 3. PARSE DATABASE_URL → ALL DB ENV VARS if [ -z "$DATABASE_URL" ]; then echo "❌ DATABASE_URL not set." exit 1 fi DB_STRIPPED="${DATABASE_URL#postgresql://}" DB_STRIPPED="${DB_STRIPPED#postgres://}" DB_USERPASS="${DB_STRIPPED%%@*}" DB_HOSTPATH="${DB_STRIPPED#*@}" DB_USER="${DB_USERPASS%%:*}" DB_PASSWORD="${DB_USERPASS#*:}" DB_HOSTPORT="${DB_HOSTPATH%%/*}" DB_NAME="${DB_HOSTPATH#*/}" DB_NAME="${DB_NAME%%\?*}" DB_HOST="${DB_HOSTPORT%%:*}" DB_PORT="${DB_HOSTPORT##*:}" [ "$DB_PORT" = "$DB_HOST" ] && DB_PORT="5432" export NANGO_DB_USER="$DB_USER" export NANGO_DB_PASSWORD="$DB_PASSWORD" export NANGO_DB_HOST="$DB_HOST" export NANGO_DB_PORT="$DB_PORT" export NANGO_DB_NAME="$DB_NAME" export NANGO_DB_SSL="true" export NANGO_DB_SSL_REJECT_UNAUTHORIZED="false" # All packages use one of these — cover every variant export DATABASE_URL="postgresql://${DB_USER}:${DB_PASSWORD}@${DB_HOST}:${DB_PORT}/${DB_NAME}?sslmode=no-verify" export RECORDS_DATABASE_URL="$DATABASE_URL" export KEYSTORE_DATABASE_URL="$DATABASE_URL" echo "🗄️ DB → $DB_HOST:$DB_PORT/$DB_NAME as $DB_USER" # 4. PATCH uuid_generate_v4 → gen_random_uuid IN MIGRATIONS echo "🔧 Patching Nango migrations..." find /app/nango -type f \( -name "*.cjs" -o -name "*.js" -o -name "*.ts" \) \ -exec grep -l "uuid_generate_v4" {} \; | while IFS= read -r file; do sed -i 's/uuid_generate_v4()/gen_random_uuid()/g' "$file" echo " ✅ Patched: $file" done echo "✅ Migration patch complete." # 5. START REDIS echo "🚀 Starting Redis..." redis-server --daemonize yes sleep 1 echo "✅ Redis ready." # 6. LOCATE NANGO ENTRYPOINT echo "🔍 Locating Nango core server..." NANGO_CORE_SERVER="" for candidate in \ "/app/nango/packages/server/dist/src/server.js" \ "/app/nango/packages/server/dist/src/index.js" \ "/app/nango/packages/server/dist/server.js" \ "/app/nango/packages/server/dist/index.js"; do [ -f "$candidate" ] && { NANGO_CORE_SERVER="$candidate"; break; } done if [ -z "$NANGO_CORE_SERVER" ]; then NANGO_CORE_SERVER=$(find /app/nango/packages/server/dist -type f \ \( -name "server.js" -o -name "index.js" \) \ | grep -v -E "controllers|mcp|workers" \ | head -n 1) fi [ -z "$NANGO_CORE_SERVER" ] || [ ! -f "$NANGO_CORE_SERVER" ] && { echo "❌ Could not locate Nango server entrypoint."; exit 1; } echo "🎯 Nango entrypoint: $NANGO_CORE_SERVER" exec docker-entrypoint.sh node "$NANGO_CORE_SERVER"