From 2da4a29a4db80f2f841414ebe3f76dddd9b951df Mon Sep 17 00:00:00 2001
From: Anish Sarkar <104695310+AnishSarkar22@users.noreply.github.com>
Date: Tue, 16 Jun 2026 01:38:33 +0530
Subject: [PATCH] refactor(web): treat NEXT_PUBLIC env-config as
 packaged-client fallback

---
 surfsense_web/lib/env-config.ts           | 45 +++++++----------------
 surfsense_web/lib/supported-extensions.ts | 15 +++++---
 2 files changed, 22 insertions(+), 38 deletions(-)

diff --git a/surfsense_web/lib/env-config.ts b/surfsense_web/lib/env-config.ts
index e8f4a7e1a..55e042815 100644
--- a/surfsense_web/lib/env-config.ts
+++ b/surfsense_web/lib/env-config.ts
@@ -1,56 +1,37 @@
 /**
  * Environment configuration for the frontend.
  *
- * This file centralizes access to NEXT_PUBLIC_* environment variables.
- * For Docker deployments, these placeholders are replaced at container startup
- * via sed in the entrypoint script.
- *
- * IMPORTANT: Do not use template literals or complex expressions with these values
- * as it may prevent the sed replacement from working correctly.
+ * Docker deployments use same-origin relative browser URLs behind Caddy.
+ * NEXT_PUBLIC_* values remain only as build-time fallbacks for packaged clients
+ * like Electron, where there is no bundled Caddy origin.
  */
 
 import packageJson from "../package.json";
 
-// Auth type: "LOCAL" for email/password, "GOOGLE" for OAuth
-// Placeholder: __NEXT_PUBLIC_FASTAPI_BACKEND_AUTH_TYPE__
+// Build-time fallback for packaged clients. Docker runtime reads plain AUTH_TYPE
+// through the runtime config provider instead.
 export const AUTH_TYPE = process.env.NEXT_PUBLIC_FASTAPI_BACKEND_AUTH_TYPE || "GOOGLE";
 
 // Backend API URL. An empty string is valid in proxy mode and means
 // same-origin relative requests (e.g. /api/v1/... and /auth/...).
-// Placeholder: __NEXT_PUBLIC_FASTAPI_BACKEND_URL__
-export const BACKEND_URL = process.env.NEXT_PUBLIC_FASTAPI_BACKEND_URL ?? "http://localhost:8000";
+export const BACKEND_URL = process.env.NEXT_PUBLIC_FASTAPI_BACKEND_URL ?? "";
 
 // Server-side backend URL. Relative browser URLs do not work from RSC/API route
 // code, so server callers should use Docker DNS or an explicit public backend.
 export const SERVER_BACKEND_URL =
+	process.env.SURFSENSE_BACKEND_INTERNAL_URL ||
+	// TODO: Remove FASTAPI_BACKEND_INTERNAL_URL after the post-Caddy env migration window.
 	process.env.FASTAPI_BACKEND_INTERNAL_URL ||
-	process.env.BACKEND_URL ||
-	BACKEND_URL ||
-	"http://localhost:8000";
+	"http://backend:8000";
 
-// ETL Service: "DOCLING", "UNSTRUCTURED", or "LLAMACLOUD"
-// Placeholder: __NEXT_PUBLIC_ETL_SERVICE__
+// Build-time fallback for packaged clients. Docker runtime reads plain ETL_SERVICE
+// through the runtime config provider instead.
 export const ETL_SERVICE = process.env.NEXT_PUBLIC_ETL_SERVICE || "DOCLING";
 
-// Deployment Mode: "self-hosted" or "cloud"
-// Matches backend's SURFSENSE_DEPLOYMENT_MODE - defaults to "self-hosted"
-// self-hosted: Full access to local file system connectors (Obsidian, etc.)
-// cloud: Only cloud-based connectors available
-// Placeholder: __NEXT_PUBLIC_DEPLOYMENT_MODE__
+// Build-time fallback for packaged clients. Docker runtime reads plain
+// DEPLOYMENT_MODE through the runtime config provider instead.
 export const DEPLOYMENT_MODE = process.env.NEXT_PUBLIC_DEPLOYMENT_MODE || "self-hosted";
 
 // App version - defaults to package.json version
 // Can be overridden at build time with NEXT_PUBLIC_APP_VERSION for full git tag version
 export const APP_VERSION = process.env.NEXT_PUBLIC_APP_VERSION || packageJson.version;
-
-// Helper to check if local auth is enabled
-export const isLocalAuth = () => AUTH_TYPE === "LOCAL";
-
-// Helper to check if Google auth is enabled
-export const isGoogleAuth = () => AUTH_TYPE === "GOOGLE";
-
-// Helper to check if running in self-hosted mode
-export const isSelfHosted = () => DEPLOYMENT_MODE === "self-hosted";
-
-// Helper to check if running in cloud mode
-export const isCloud = () => DEPLOYMENT_MODE === "cloud";
diff --git a/surfsense_web/lib/supported-extensions.ts b/surfsense_web/lib/supported-extensions.ts
index f615b3d46..bda8e916f 100644
--- a/surfsense_web/lib/supported-extensions.ts
+++ b/surfsense_web/lib/supported-extensions.ts
@@ -75,18 +75,21 @@ export const FILE_TYPE_CONFIG: Record<string, Record<string, string[]>> = {
 	},
 };
 
-export function getAcceptedFileTypes(): Record<string, string[]> {
-	const etlService = process.env.NEXT_PUBLIC_ETL_SERVICE;
+export function getAcceptedFileTypes(etlService?: string): Record<string, string[]> {
 	return FILE_TYPE_CONFIG[etlService || "default"] || FILE_TYPE_CONFIG.default;
 }
 
-export function getSupportedExtensions(acceptedFileTypes?: Record<string, string[]>): string[] {
-	const types = acceptedFileTypes ?? getAcceptedFileTypes();
+export function getSupportedExtensions(
+	acceptedFileTypes?: Record<string, string[]>,
+	etlService?: string
+): string[] {
+	const types = acceptedFileTypes ?? getAcceptedFileTypes(etlService);
 	return Array.from(new Set(Object.values(types).flat())).sort();
 }
 
 export function getSupportedExtensionsSet(
-	acceptedFileTypes?: Record<string, string[]>
+	acceptedFileTypes?: Record<string, string[]>,
+	etlService?: string
 ): Set<string> {
-	return new Set(getSupportedExtensions(acceptedFileTypes).map((ext) => ext.toLowerCase()));
+	return new Set(getSupportedExtensions(acceptedFileTypes, etlService).map((ext) => ext.toLowerCase()));
 }