Fix domain configuration for app.blackroad.systems and blackroad.systems

Updates: - Add app.blackroad.systems to ALLOWED_ORIGINS in both .env.example and config.py - Add blackroad-operating-system-production.up.railway.app to ALLOWED_ORIGINS - Update DNS.md to reflect current domain routing (both root and app subdomains point to same service) - Ensures CORS works correctly for all production domains This fixes CORS issues when accessing the application via app.blackroad.systems or blackroad.systems on the Railway project 'gregarious-wonder' (blackroad-operating-system-production service).
2026-03-18 03:33:59 -05:00 · 2025-11-20 21:28:34 +00:00
parent 2c41a2d122
commit f9e1d7234e
3 changed files with 5 additions and 5 deletions
--- a/backend/.env.example
+++ b/backend/.env.example
@@ -24,7 +24,7 @@ ALGORITHM=HS256
 ACCESS_TOKEN_EXPIRE_MINUTES=30
 REFRESH_TOKEN_EXPIRE_DAYS=7
 WALLET_MASTER_KEY=changeme-wallet-master-key
-ALLOWED_ORIGINS=https://blackroad.systems,https://www.blackroad.systems,https://os.blackroad.systems,https://core.blackroad.systems,https://api.blackroad.systems,https://blackroad-os-core-production.up.railway.app,http://localhost:3000,http://localhost:8000
+ALLOWED_ORIGINS=https://blackroad.systems,https://app.blackroad.systems,https://www.blackroad.systems,https://os.blackroad.systems,https://core.blackroad.systems,https://api.blackroad.systems,https://blackroad-operating-system-production.up.railway.app,https://blackroad-os-core-production.up.railway.app,http://localhost:3000,http://localhost:8000
 JWT_SECRET=changeme-jwt-secret
 SESSION_SECRET=changeme-session-secret
 NEXTAUTH_SECRET=changeme-nextauth-secret
--- a/backend/app/config.py
+++ b/backend/app/config.py
@@ -30,7 +30,7 @@ class Settings(BaseSettings):
    # CORS
    # Include production domains by default to ensure Railway deployments work
-    ALLOWED_ORIGINS: str = "https://blackroad.systems,https://www.blackroad.systems,https://os.blackroad.systems,https://blackroad-operating-system-production.up.railway.app,http://localhost:3000,http://localhost:8000"
+    ALLOWED_ORIGINS: str = "https://blackroad.systems,https://app.blackroad.systems,https://www.blackroad.systems,https://os.blackroad.systems,https://blackroad-operating-system-production.up.railway.app,http://localhost:3000,http://localhost:8000"
    @property
    def allowed_origins_list(self) -> List[str]:
--- a/infra/DNS.md
+++ b/infra/DNS.md
@@ -27,7 +27,7 @@ All domains are configured in Cloudflare with CNAME records pointing to Railway
 | **core** | 9gw4d0h2.up.railway.app | Core API | Core backend services, auth, blockchain |
 | **api** | ac7bx15h.up.railway.app | Public API | Public-facing API gateway |
 | **app** | blackroad-operating-system-production.up.railway.app | OS Shell | Main operating system interface |
-| **@ (root)** | kng9hpna.up.railway.app | Root Service | Domain root redirect |
+| **@ (root)** | blackroad-operating-system-production.up.railway.app | Root Service | Domain root - points to main OS interface |
 | **console** | qqr1r4hd.up.railway.app | Prism Console | AI orchestration console |
 | **docs** | 2izt9kog.up.railway.app | Documentation | API docs, guides, references |
 | **os** | vtrb1hrx.up.railway.app | OS Interface | Operating system UI |
@@ -112,9 +112,9 @@ All domains are configured in Cloudflare with CNAME records pointing to Railway
 - **Purpose**: OS interface alternative endpoint
 ### Service: blackroad-os-root-domain
- **Railway URL**: kng9hpna.up.railway.app
+- **Railway URL**: blackroad-operating-system-production.up.railway.app
 - **Cloudflare DNS**: blackroad.systems (root)
- **Purpose**: Domain root service
+- **Purpose**: Domain root service - redirects to main OS interface
 ---