fix(canvas): add NEXT_PUBLIC_ADMIN_TOKEN + CSP_DEV_MODE to docker-compose

Canvas needs AdminAuth token to fetch /workspaces (gated since PR #729) and CSP_DEV_MODE to allow cross-port fetches in local Docker. These were added earlier but lost on nuke+rebuild because they weren't committed to staging. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-20 12:19:12 -07:00 · 2026-04-20 12:19:12 -07:00 · 504239f510
commit 504239f510
parent c8dcc8c628
1 changed files with 3 additions and 0 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -183,11 +183,14 @@ services:
      args:
        NEXT_PUBLIC_PLATFORM_URL: ${NEXT_PUBLIC_PLATFORM_URL:-http://localhost:${PLATFORM_PUBLISH_PORT:-8080}}
        NEXT_PUBLIC_WS_URL: ${NEXT_PUBLIC_WS_URL:-ws://localhost:${PLATFORM_PUBLISH_PORT:-8080}/ws}
+        NEXT_PUBLIC_ADMIN_TOKEN: ${ADMIN_TOKEN:-}
    depends_on:
      platform:
        condition: service_healthy
    environment:
      PORT: "${CANVAS_PORT:-3000}"
+      # Local dev — relaxes CSP to allow cross-port fetches (canvas:3000 → platform:8080).
+      CSP_DEV_MODE: "${CSP_DEV_MODE:-1}"
      # NOTE: NEXT_PUBLIC_* are baked into the JS bundle at `next build` time —
      # these runtime values are ignored by the standalone output. They're kept
      # here for documentation / override during `docker compose build`.