docker-entrypoint-wrapper.sh

#!/bin/sh

echo "Using remote PostgreSQL on Neon.tech..."

# Skip local PostgreSQL init and start

# Set NEXTAUTH_URL based on SPACE_HOST if available
if [ -n "$SPACE_ID" ]; then
    echo "Setting NEXTAUTH_URL to https://${SPACE_HOST}"
    export NEXTAUTH_URL="https://${SPACE_HOST}"
else
    echo "WARNING: SPACE_ID not found"
fi

# Set Neon PostgreSQL connection environment variables
export PGHOST='ep-steep-dream-adqtvjel-pooler.c-2.us-east-1.aws.neon.tech'
export PGDATABASE='neondb'
export PGUSER='neondb_owner'
export PGPASSWORD='npg_Qq0B1uWRXavx'
export PGSSLMODE='require'
export PGCHANNELBINDING='require'

# Compose the DATABASE_URL
export DATABASE_URL="postgresql://${PGUSER}:${PGPASSWORD}@${PGHOST}:5432/${PGDATABASE}?sslmode=${PGSSLMODE}&channel_binding=${PGCHANNELBINDING}"

# Export environment variables to influence Next.js binding
export HOSTNAME="0.0.0.0"
export HOST="0.0.0.0"
export PORT=3000

# Disable CSP headers to allow for embedded use within HF
export LANGFUSE_CSP_DISABLE="true"

# Preset OAuth env vars based on injected space variables
export AUTH_CUSTOM_CLIENT_ID=$OAUTH_CLIENT_ID
export AUTH_CUSTOM_CLIENT_SECRET=$OAUTH_CLIENT_SECRET
export AUTH_CUSTOM_ISSUER=$OPENID_PROVIDER_URL
export AUTH_CUSTOM_SCOPE=$OAUTH_SCOPES
export AUTH_CUSTOM_NAME="Hugging Face"

# Disable authentication via username/password
export AUTH_DISABLE_USERNAME_PASSWORD="true"

# Handle signup disabling logic
if [ -n "$AUTH_DISABLE_SIGNUP" ]; then
    export AUTH_DISABLE_SIGNUP="$AUTH_DISABLE_SIGNUP"
else
    export AUTH_DISABLE_SIGNUP="false"
fi

# Log connection details (don't do this in production with real passwords!)
echo "Connecting to Neon PostgreSQL at $PGHOST"

# Start Next.js app
echo "Starting Next.js..."
./web/entrypoint.sh node ./web/server.js