Allow setting multiple public URLs (baserow#4434)

bram2w · web-flow · commit 3e3fe088d830 · 2025-12-15T10:11:23.000+01:00
* Allow settings multiple public URLs

* Fixed feedback
diff --git a/Caddyfile b/Caddyfile
@@ -12,7 +12,12 @@
     }
 
     @is_baserow_tool {
-        expression "{$BASEROW_PUBLIC_URL}".contains({http.request.host})
+        expression `
+            "{$BASEROW_PUBLIC_URL}".contains({http.request.host}) ||
+            "{$BASEROW_EXTRA_PUBLIC_URLS}".split(",")
+                .filter(u, u != "" && u.contains({http.request.host}))
+                .size() > 0
+        `
     }
 
     handle @is_baserow_tool {
diff --git a/backend/src/baserow/config/settings/base.py b/backend/src/baserow/config/settings/base.py
@@ -777,6 +777,41 @@ def __setitem__(self, key, value):
 if PRIVATE_BACKEND_HOSTNAME:
     ALLOWED_HOSTS.append(PRIVATE_BACKEND_HOSTNAME)
 
+# Parse BASEROW_EXTRA_PUBLIC_URLS - comma-separated list of additional public URLs
+# where Baserow will be accessible. It's the same as the `BASEROW_PUBLIC_URL`, the
+# only difference is that the `BASEROW_PUBLIC_URL` is used in emails.
+BASEROW_EXTRA_PUBLIC_URLS = os.getenv("BASEROW_EXTRA_PUBLIC_URLS", "")
+EXTRA_PUBLIC_BACKEND_HOSTNAMES = []
+EXTRA_PUBLIC_WEB_FRONTEND_HOSTNAMES = []
+
+if BASEROW_EXTRA_PUBLIC_URLS:
+    extra_urls = [
+        url.strip() for url in BASEROW_EXTRA_PUBLIC_URLS.split(",") if url.strip()
+    ]
+
+    for url in extra_urls:
+        # Validate URL format - must start with http:// or https://
+        if not url.startswith(("http://", "https://")):
+            print(
+                f"WARNING: BASEROW_EXTRA_PUBLIC_URLS contains invalid URL '{url}'. "
+                "URLs must start with http:// or https://. Skipping."
+            )
+            continue
+
+        parsed_url = urlparse(url)
+        hostname = parsed_url.hostname
+
+        if not hostname:
+            print(f"WARNING: URL '{url}' has no hostname. Skipping.")
+            continue
+
+        if hostname not in ALLOWED_HOSTS:
+            ALLOWED_HOSTS.append(hostname)
+        if hostname not in EXTRA_PUBLIC_BACKEND_HOSTNAMES:
+            EXTRA_PUBLIC_BACKEND_HOSTNAMES.append(hostname)
+        if hostname not in EXTRA_PUBLIC_WEB_FRONTEND_HOSTNAMES:
+            EXTRA_PUBLIC_WEB_FRONTEND_HOSTNAMES.append(hostname)
+
 FROM_EMAIL = os.getenv("FROM_EMAIL", "no-reply@localhost")
 RESET_PASSWORD_TOKEN_MAX_AGE = 60 * 60 * 48  # 48 hours
 CHANGE_EMAIL_TOKEN_MAX_AGE = 60 * 60 * 12  # 12 hours
diff --git a/backend/src/baserow/contrib/builder/api/domains/views.py b/backend/src/baserow/contrib/builder/api/domains/views.py
@@ -389,10 +389,14 @@ def get(self, request):
         # certificate for the one domain, and ask for the rest of the domains.
         # Because the backend and web-frontend hostname are not builder domains,
         # we must add these as accepted domains.
-        allowed_domain = [
-            settings.PUBLIC_BACKEND_HOSTNAME,
-            settings.PUBLIC_WEB_FRONTEND_HOSTNAME,
-        ]
+        allowed_domain = set(
+            [
+                settings.PUBLIC_BACKEND_HOSTNAME,
+                settings.PUBLIC_WEB_FRONTEND_HOSTNAME,
+            ]
+            + settings.EXTRA_PUBLIC_BACKEND_HOSTNAMES
+            + settings.EXTRA_PUBLIC_WEB_FRONTEND_HOSTNAMES
+        )
 
         if domain_name in allowed_domain:
             return Response(None, status=200)
diff --git a/backend/tests/baserow/contrib/builder/api/domains/test_domain_public_views.py b/backend/tests/baserow/contrib/builder/api/domains/test_domain_public_views.py
@@ -628,6 +628,40 @@ def test_ask_public_builder_domain_exists_with_public_backend_and_web_frontend_d
     assert response.status_code == 200
 
 
+@pytest.mark.django_db
+@override_settings(
+    PUBLIC_BACKEND_HOSTNAME="backend.localhost",
+    PUBLIC_WEB_FRONTEND_HOSTNAME="web-frontend.localhost",
+    EXTRA_PUBLIC_BACKEND_HOSTNAMES=["extra1.localhost", "extra2.localhost"],
+    EXTRA_PUBLIC_WEB_FRONTEND_HOSTNAMES=["extra1.localhost", "extra2.localhost"],
+)
+def test_ask_public_builder_domain_exists_with_extra_public_urls(api_client):
+    # Should reject unknown domain
+    url = reverse("api:builder:domains:ask_exists") + "?domain=unknown.localhost"
+    response = api_client.get(url)
+    assert response.status_code == 404
+
+    # Should accept main backend hostname
+    url = reverse("api:builder:domains:ask_exists") + "?domain=backend.localhost"
+    response = api_client.get(url)
+    assert response.status_code == 200
+
+    # Should accept main web-frontend hostname
+    url = reverse("api:builder:domains:ask_exists") + "?domain=web-frontend.localhost"
+    response = api_client.get(url)
+    assert response.status_code == 200
+
+    # Should accept first extra hostname
+    url = reverse("api:builder:domains:ask_exists") + "?domain=extra1.localhost"
+    response = api_client.get(url)
+    assert response.status_code == 200
+
+    # Should accept second extra hostname
+    url = reverse("api:builder:domains:ask_exists") + "?domain=extra2.localhost"
+    response = api_client.get(url)
+    assert response.status_code == 200
+
+
 @pytest.mark.django_db
 @patch("baserow.contrib.builder.api.domains.public_views.BuilderDispatchContext")
 @patch(
diff --git a/changelog/entries/unreleased/feature/2593_allow_adding_extra_public_urls.json b/changelog/entries/unreleased/feature/2593_allow_adding_extra_public_urls.json
@@ -0,0 +1,9 @@
+{
+  "type": "feature",
+  "message": "Allow setting multiple BASEROW_PUBLIC_URL #2593",
+  "domain": "core",
+  "issue_number": 2593,
+  "issue_origin": "github",
+  "bullet_points": [],
+  "created_at": "2025-12-12"
+}
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -32,6 +32,7 @@ x-backend-variables:
   # If you manually change this line make sure you also change the duplicate line in
   # the web-frontend service.
   BASEROW_PUBLIC_URL: ${BASEROW_PUBLIC_URL-http://localhost}
+  BASEROW_EXTRA_PUBLIC_URLS:
 
   # Set these if you want to use an external postgres instead of the db service below.
   DATABASE_USER: ${DATABASE_USER:-baserow}
@@ -283,6 +284,7 @@ services:
     restart: unless-stopped
     environment:
       BASEROW_PUBLIC_URL: ${BASEROW_PUBLIC_URL-http://localhost}
+      BASEROW_EXTRA_PUBLIC_URLS:
       PRIVATE_BACKEND_URL: ${PRIVATE_BACKEND_URL:-http://backend:8000}
       PUBLIC_BACKEND_URL:
       PUBLIC_WEB_FRONTEND_URL:
diff --git a/docs/installation/configuration.md b/docs/installation/configuration.md
@@ -23,11 +23,12 @@ The installation methods referred to in the variable descriptions are:
 ### Access Configuration
 | Name                                           | Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | Defaults                                                                                      |
 |------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------|
-| BASEROW\_PUBLIC\_URL                           | The public URL or IP that will be used to access baserow. Always should start with http:// https:// even if accessing via an IP address. If you are accessing Baserow over a non-standard (80) http port then make sure you append :YOUR\_PORT to this variable.<br><br>Setting this will override PUBLIC\_BACKEND\_URL and PUBLIC\_WEB\_FRONTEND\_URL with BASEROW\_PUBLIC\_URL’s value.<br>Set to empty to disable default of http://localhost in the compose to instead set PUBLIC\_X\_URLs.                                                                                                                        | http://localhost                                                                              |
-| BASEROW\_CADDY\_ADDRESSES                      | **Not supported by standalone images.** A comma separated list of supported Caddy addresses( [https://caddyserver.com/docs/caddyfile/concepts#addresses](https://caddyserver.com/docs/caddyfile/concepts#addresses)). If a https:// url is provided the Caddy reverse proxy will attempt to [automatically setup HTTPS](https://caddyserver.com/docs/automatic-https) with lets encrypt for you. If you wish your Baserow to still be accessible on localhost and you set this value away from the default of :80 ensure you append “,[http://localhost](http://localhost/)”                                           | :80                                                                                           |
+| BASEROW\_PUBLIC\_URL                           | The public URL or IP that will be used to access the Baserow tool. Always should start with http:// https:// even if accessing via an IP address. If you are accessing Baserow over a non-standard (80) http port then make sure you append :YOUR\_PORT to this variable.<br><br>Setting this will override PUBLIC\_BACKEND\_URL and PUBLIC\_WEB\_FRONTEND\_URL with BASEROW\_PUBLIC\_URL’s value.<br>Set to empty to disable default of http://localhost in the compose to instead set PUBLIC\_X\_URLs. Note that other URL will be treated as a published application builder domains.                               | http://localhost                                                                              |
+| BASEROW\_EXTRA\_PUBLIC\_URLS                   | An optional comma-separated list of additional public URLs where Baserow tool will be accessible. These URLs will have the same behavior as BASEROW\_PUBLIC\_URL (not treated as published applications). The difference is that `BASEROW\_PUBLIC\_URL` is used in email communication. This is useful when running Baserow behind multiple domain names or when using different URLs for different network access (e.g., both public and private). Example: `http://app.example.com,https://baserow.company.local`.                                                                                                   |                                                                                               |
+| BASEROW\_CADDY\_ADDRESSES                      | **Not supported by standalone images.** A comma separated list of supported Caddy addresses( [https://caddyserver.com/docs/caddyfile/concepts#addresses](https://caddyserver.com/docs/caddyfile/concepts#addresses)). If a https:// url is provided the Caddy reverse proxy will attempt to [automatically setup HTTPS](https://caddyserver.com/docs/automatic-https) with lets encrypt for you. If you wish your Baserow to still be accessible on localhost and you set this value away from the default of :80 ensure you append “,[http://localhost](http://localhost/)”                                           | :80     |
 | PUBLIC\_BACKEND\_URL                           | Please use BASEROW\_PUBLIC\_URL unless you are using the standalone baserow/backend or baserow/web-frontend images. The publicly accessible URL of the backend. Should include the port if non-standard. Ensure BASEROW\_PUBLIC\_URL is set to an empty value to use this variable in the compose setup.                                                                                                                                                                                                                                                                                                               | $BASEROW\_PUBLIC\_URL, http://localhost:8000/ in the standalone images.                       |
 | PUBLIC\_WEB\_FRONTEND\_URL                     | Please use BASEROW\_PUBLIC\_URL unless you are using the standalone baserow/backend or baserow/web-frontend images. The publicly accessible URL of the web-frontend. Should include the port if non-standard. Ensure BASEROW\_PUBLIC\_URL is set to an empty value to use this variable in the compose setup.                                                                                                                                                                                                                                                                                                          | $BASEROW\_PUBLIC\_URL, http://localhost:3000/ in the standalone images.                       |
-| BASEROW\_EMBEDDED\_SHARE\_URL                     | Optional URL for public sharing and email links that can be used if Baserow is used inside an iframe on a different URL.|$PUBLIC\_WEB\_FRONTEND\_URL|
+| BASEROW\_EMBEDDED\_SHARE\_URL                  | Optional URL for public sharing and email links that can be used if Baserow is used inside an iframe on a different URL.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               | $PUBLIC\_WEB\_FRONTEND\_URL                                                                   |
 | WEB\_FRONTEND\_PORT                            | The HTTP port that is being used to access Baserow using. Only used by the docker-compose files.                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       | Only used by the docker-compose.yml files, defaults to 80 but prior to 1.9 defaulted to 3000. |
 | BASEROW\_EXTRA\_ALLOWED\_HOSTS                 | An optional comma separated list of hostnames which will be added to the Baserow's Django backend [ALLOWED_HOSTS](https://docs.djangoproject.com/en/4.0/ref/settings/#allowed-hosts) setting. In most situations you will not need to set this as the hostnames from BASEROW\_PUBLIC\_URL or PUBLIC\_BACKEND\_URL will be added to the ALLOWED_HOSTS automatically. This is only needed if you need to allow additional different hosts to be able to access your Baserow.                                                                                                                                             |                                                                                               |
 | PRIVATE\_BACKEND\_URL                          | **Only change this with standalone images.** This is the URL used when the web-frontend server directly queries the backend itself when doing server side rendering. As such not only the browser, but also<br>the web-frontend server should be able to make HTTP requests to the backend. The web-frontend nuxt server might not have access to the \`PUBLIC\_BACKEND\_URL\` or there could be a more direct route, (e.g. from container to container instead of via the internet). For example if the web-frontend and backend were containers on the same docker network this could be set to http://backend:8000. |                                                                                               |
diff --git a/web-frontend/modules/builder/plugins/router.js b/web-frontend/modules/builder/plugins/router.js
@@ -31,9 +31,14 @@ export function createRouter(ssrContext, config) {
       runtimeConfig.public.PUBLIC_WEB_FRONTEND_URL
     ).hostname
     const requestHostname = new URL(`http://${req.headers.host}`).hostname
+    const extraPublicHostnames =
+      runtimeConfig.public.EXTRA_PUBLIC_WEB_FRONTEND_HOSTNAMES || []
 
-    // We allow published routes only if the builder feature flag is on
-    isWebFrontendHostname = frontendHostname === requestHostname
+    // Check if request hostname matches main hostname or any extra hostname so we know
+    // whether the tool or a published application must be served.
+    isWebFrontendHostname =
+      frontendHostname === requestHostname ||
+      extraPublicHostnames.includes(requestHostname)
 
     // Send the variable to the frontend using the `__NUXT__` property
     ssrContext.nuxt.isWebFrontendHostname = isWebFrontendHostname
diff --git a/web-frontend/modules/core/module.js b/web-frontend/modules/core/module.js
@@ -13,6 +13,7 @@ import it from './locales/it.json'
 import pl from './locales/pl.json'
 import ko from './locales/ko.json'
 import { setDefaultResultOrder } from 'dns'
+import { parseHostnamesFromUrls } from './utils/url'
 const { readFileSync } = require('fs')
 
 export default function CoreModule(options) {
@@ -76,6 +77,9 @@ export default function CoreModule(options) {
       process.env.PUBLIC_BACKEND_URL ?? 'http://localhost:8000',
     PUBLIC_WEB_FRONTEND_URL:
       process.env.PUBLIC_WEB_FRONTEND_URL ?? 'http://localhost:3000',
+    EXTRA_PUBLIC_WEB_FRONTEND_HOSTNAMES: parseHostnamesFromUrls(
+      process.env.BASEROW_EXTRA_PUBLIC_URLS ?? ''
+    ),
     MEDIA_URL: process.env.MEDIA_URL ?? 'http://localhost:4000/media/',
     INITIAL_TABLE_DATA_LIMIT: process.env.INITIAL_TABLE_DATA_LIMIT ?? null,
     DOWNLOAD_FILE_VIA_XHR: process.env.DOWNLOAD_FILE_VIA_XHR ?? '0',
diff --git a/web-frontend/modules/core/utils/url.js b/web-frontend/modules/core/utils/url.js
@@ -33,3 +33,26 @@ export function ensureUrlProtocol(value) {
   }
   return value
 }
+
+/**
+ * Parses a comma-separated list of URLs and extracts their hostnames.
+ * @param {string} urlsString - Comma-separated list of URLs
+ * @returns {string[]} Array of hostnames extracted from valid URLs
+ */
+export function parseHostnamesFromUrls(urlsString) {
+  if (!urlsString) return []
+
+  return urlsString
+    .split(',')
+    .map((url) => url.trim())
+    .filter((url) => url !== '')
+    .map((url) => {
+      try {
+        return new URL(url).hostname
+      } catch (e) {
+        console.warn(`Invalid URL in BASEROW_EXTRA_PUBLIC_URLS: ${url}`)
+        return null
+      }
+    })
+    .filter((hostname) => hostname !== null)
+}
diff --git a/web-frontend/test/unit/core/utils/url.spec.js b/web-frontend/test/unit/core/utils/url.spec.js
@@ -1,4 +1,7 @@
-import { isRelativeUrl } from '@baserow/modules/core/utils/url'
+import {
+  isRelativeUrl,
+  parseHostnamesFromUrls,
+} from '@baserow/modules/core/utils/url'
 import {
   isValidAbsoluteURL,
   isValidURL,
@@ -114,4 +117,61 @@ describe('test url utils', () => {
       expect(isValidAbsoluteURL(url)).toBe(false)
     })
   })
+  describe('test parseHostnamesFromUrls', () => {
+    const warnSpy = jest.spyOn(console, 'warn').mockImplementation(() => {})
+
+    afterEach(() => {
+      warnSpy.mockClear()
+    })
+
+    afterAll(() => {
+      warnSpy.mockRestore()
+    })
+
+    test.each([undefined, null, ''])(
+      'returns [] for empty input (%s)',
+      (value) => {
+        expect(parseHostnamesFromUrls(value)).toEqual([])
+        expect(warnSpy).not.toHaveBeenCalled()
+      }
+    )
+
+    test('parses a comma-separated list, trims whitespace, skips blanks, and returns hostnames', () => {
+      const input =
+        ' https://example.com/path , http://sub.example.com:8080 ,   , https://example.co.uk?q=1 '
+
+      expect(parseHostnamesFromUrls(input)).toEqual([
+        'example.com',
+        'sub.example.com',
+        'example.co.uk',
+      ])
+      expect(warnSpy).not.toHaveBeenCalled()
+    })
+
+    test('ignores invalid URLs and warns once per invalid entry', () => {
+      const input =
+        'https://example.com, not-a-url, ftp://example.com/file.txt, https://test'
+
+      expect(parseHostnamesFromUrls(input)).toEqual([
+        'example.com',
+        'example.com',
+        'test',
+      ])
+
+      expect(warnSpy).toHaveBeenCalledTimes(1)
+      expect(warnSpy).toHaveBeenCalledWith(
+        'Invalid URL in BASEROW_EXTRA_PUBLIC_URLS: not-a-url'
+      )
+    })
+
+    test('preserves duplicates and order', () => {
+      const input =
+        'https://a.example.com, https://a.example.com, https://b.example.com'
+      expect(parseHostnamesFromUrls(input)).toEqual([
+        'a.example.com',
+        'a.example.com',
+        'b.example.com',
+      ])
+    })
+  })
 })

Original file line number	Diff line number	Diff line change
`@@ -12,7 +12,12 @@`
`12`	`12`	`}`
`13`	`13`
`14`	`14`	`@is_baserow_tool {`
`15`		`- expression "{$BASEROW_PUBLIC_URL}".contains({http.request.host})`
	`15`	+ expression `
	`16`	`+ "{$BASEROW_PUBLIC_URL}".contains({http.request.host}) \|\|`
	`17`	`+ "{$BASEROW_EXTRA_PUBLIC_URLS}".split(",")`
	`18`	`+ .filter(u, u != "" && u.contains({http.request.host}))`
	`19`	`+ .size() > 0`
	`20`	+ `
`16`	`21`	`}`
`17`	`22`
`18`	`23`	`handle @is_baserow_tool {`