yuukiii/hermes-mcp
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

fix(auth): switch to K8s Redis, add claude.ai/chatgpt CORS origins

Browse Source 
- REDIS_URL → K8s ClusterIP with auth (fixes silent hang on host Redis)
- Socket timeouts (connectTimeout 3s, socketTimeout 5s) on Redis client
- Add claude.ai, chatgpt.com, chat.openai.com to CORS allowlist
- Update hermes-mcp image SHA (includes above changes)
- Add squaremcp-broker-demo.mp4 to site Dockerfile; bump site image SHA

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Garfield
2026-05-19 05:39:48 -04:00
parent 34983c44e2
commit da4058483a
5 changed files with 12 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
hermes-k8s.yaml
View File

@@ -22,7 +22,7 @@ spec:
fsGroup: 1000
containers:
- name: hermes-mcp
image: localhost:32000/hermes-mcp@sha256:b566707150fb4dd3f566b5c258d6f4d0ed8bf5c4405321268dfc647afa0ddda2
image: localhost:32000/hermes-mcp@sha256:b3716e0d7a86ba3b34047b75cd8af91078aaf9a1dcd64760bd238f358fb79e3f
imagePullPolicy: Always
securityContext:
allowPrivilegeEscalation: false
@@ -116,7 +116,7 @@ spec:
- name: MYSQL_PASSWORD
value: "fetcherpay"
- name: REDIS_URL
value: "redis://127.0.0.1:6379"
value: "redis://:redis_secure_2024@10.152.183.80:6379"
- name: CREDENTIAL_ENCRYPTION_KEY
value: "4ef9c48e9f4e5dfa843d4bfcc3a8f69c5ad5738326c8b0e878076853ae4b8416"
- name: JWT_SECRET

1
product/site/Dockerfile
View File

@@ -7,6 +7,7 @@ COPY product/site/script.js /usr/share/nginx/html/script.js
COPY product/site/squaremcp-logo.svg /usr/share/nginx/html/squaremcp-logo.svg
COPY product/site/squaremcp-hero-loop.mp4 /usr/share/nginx/html/squaremcp-hero-loop.mp4
COPY product/site/squaremcp-tiktok-launch.mp4 /usr/share/nginx/html/squaremcp-tiktok-launch.mp4
COPY product/site/squaremcp-broker-demo.mp4 /usr/share/nginx/html/squaremcp-broker-demo.mp4
COPY product/site/tiktok /usr/share/nginx/html/tiktok
COPY product/site/tiktokkFNJHjzDuzvGIlXnK4MaGw3MSluybOih.txt /usr/share/nginx/html/tiktokkFNJHjzDuzvGIlXnK4MaGw3MSluybOih.txt
COPY product/site/privacy.html /usr/share/nginx/html/privacy.html

2
product/site/squaremcp-k8s-ingress.yaml
View File

@@ -15,7 +15,7 @@ spec:
spec:
containers:
- name: squaremcp-site
image: localhost:32000/squaremcp-site@sha256:395e736f1899ce0f2402e34caa95359e2eb54b5424318cf8139982e66b35a974
image: localhost:32000/squaremcp-site@sha256:1330b918347b873b8dc18dc309349bc47c300463c7b6d5e43d4270bb17366269
imagePullPolicy: Always
ports:
- containerPort: 8080

3
src/index.ts
View File

@@ -89,6 +89,9 @@ const SQUAREMCP_ALLOWED_ORIGINS = new Set([
'https://www.squaremcp.com',
'https://app.squaremcp.com',
'https://tiktok.squaremcp.com',
'https://claude.ai',
'https://chatgpt.com',
'https://chat.openai.com',
]);
type PilotRequestBody = {

6
src/redis.ts
View File

@@ -1,6 +1,10 @@
import { createClient } from 'redis';
const redis = createClient({ url: process.env.REDIS_URL });
const redis = createClient({
url: process.env.REDIS_URL,
socket: { connectTimeout: 3000, socketTimeout: 5000 },
});
redis.on('error', (err) => console.error('[redis] error:', err.message));
redis.connect().catch((err) => console.error('[redis] connect error:', err));
export default redis;