From 5ebde405ea586e9543302541affc67adf7d9aa1d Mon Sep 17 00:00:00 2001
From: Yamila Moreno <yamila.moreno@kaleidos.net>
Date: Wed, 19 Feb 2025 15:06:26 +0100
Subject: [PATCH 1/5] :books: Document how to use a proxy - nginx

---
 docs/technical-guide/getting-started.md | 50 ++++++++++++++++++++++++-
 1 file changed, 49 insertions(+), 1 deletion(-)

diff --git a/docs/technical-guide/getting-started.md b/docs/technical-guide/getting-started.md
index 70248a62e..6a4378e7a 100644
--- a/docs/technical-guide/getting-started.md
+++ b/docs/technical-guide/getting-started.md
@@ -280,6 +280,55 @@ Postgres database and another one for the assets uploaded by your users (images
 clips). There may be more volumes if you enable other features, as explained in the file
 itself.
 
+### Configure the proxy
+
+Your host configuration needs to make a proxy to http://localhost:9001.
+
+#### Example with NGINX
+
+```bash
+server {
+  listen 80;
+  server_name penpot.mycompany.com;
+  return 301 https://$host$request_uri;
+}
+
+server {
+  listen 443 ssl;
+  server_name penpot.mycompany.com;
+
+  # This value should be in sync with the corresponding in the docker-compose.yml
+  # PENPOT_HTTP_SERVER_MAX_BODY_SIZE: 31457280
+  client_max_body_size 31457280;
+
+  # Logs: Configure your logs following the best practices inside your company
+  access_log /path/to/penpot.access.log;
+  error_log /path/to/penpot.error.log;
+
+  # TLS: Configure your TLS following the best practices inside your company
+  ssl_certificate /path/to/fullchain;
+  ssl_certificate_key /path/to/privkey;
+
+  # Websockets
+  location /ws/notifications {
+    proxy_set_header Upgrade $http_upgrade;
+    proxy_set_header Connection 'upgrade';
+    proxy_pass http://localhost:9001/ws/notifications;
+  }
+
+  # Proxy pass
+  location / {
+    proxy_set_header Host $http_host;
+    proxy_set_header X-Real-IP $remote_addr;
+    proxy_set_header X-Scheme $scheme;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_redirect off;
+    proxy_pass http://localhost:9001/;
+  }
+}
+```
+
 ### Troubleshooting
 
 Knowing how to do Penpot troubleshooting can be very useful; on the one hand, it helps to create issues easier to resolve, since they include relevant information from the beginning which also makes them get solved faster; on the other hand, many times troubleshooting gives the necessary information to resolve a problem autonomously, without even creating an issue.
@@ -350,7 +399,6 @@ you need.
 Therefore, your prerequisite will be to have a Kubernetes cluster on which we can install
 Helm.
 
-
 ### What is Helm
 
 *Helm* is the package manager for Kubernetes. A *Chart* is a Helm package. It contains

From 5bfab454f5a2f6e55817240d9a818492772763f7 Mon Sep 17 00:00:00 2001
From: Yamila Moreno <yamila.moreno@kaleidos.net>
Date: Wed, 19 Feb 2025 15:39:01 +0100
Subject: [PATCH 2/5] :books: Document how to use a proxy - caddy

---
 docs/technical-guide/getting-started.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/docs/technical-guide/getting-started.md b/docs/technical-guide/getting-started.md
index 6a4378e7a..1b262cb3d 100644
--- a/docs/technical-guide/getting-started.md
+++ b/docs/technical-guide/getting-started.md
@@ -329,6 +329,18 @@ server {
 }
 ```
 
+#### Example with CADDY SERVER
+
+```bash
+penpot.mycompany.com {
+        reverse_proxy :9001
+        tls /path/to/fullchain.pem /path/to/privkey.pem
+        log {
+            output file /path/to/penpot.log
+        }
+}
+```
+
 ### Troubleshooting
 
 Knowing how to do Penpot troubleshooting can be very useful; on the one hand, it helps to create issues easier to resolve, since they include relevant information from the beginning which also makes them get solved faster; on the other hand, many times troubleshooting gives the necessary information to resolve a problem autonomously, without even creating an issue.

From 0ff9c442460664a58a634b91fa187ba633ac5583 Mon Sep 17 00:00:00 2001
From: Yamila Moreno <yamila.moreno@kaleidos.net>
Date: Fri, 28 Feb 2025 09:02:40 +0100
Subject: [PATCH 3/5] :whale: Improve nginx resolvers (#5967)

---
 CHANGES.md                              | 16 +++++++++++++++-
 docker/images/Dockerfile.frontend       |  1 +
 docker/images/files/nginx-entrypoint.sh | 10 +++++++---
 docker/images/files/nginx.conf          |  1 -
 docker/images/files/resolvers.conf      |  1 +
 5 files changed, 24 insertions(+), 5 deletions(-)
 create mode 100644 docker/images/files/resolvers.conf

diff --git a/CHANGES.md b/CHANGES.md
index f843b7698..86bc6aa6c 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,6 +1,20 @@
 # CHANGELOG
 
-## 2.5.0 (Unreleased)
+## 2.5.1 (Unreleased)
+
+### :rocket: Epics and highlights
+
+### :boom: Breaking changes & Deprecations
+
+### :heart: Community contributions (Thank you!)
+
+### :sparkles: New features
+
+- Improve Nginx entryponit to get the resolvers dinamically by default
+
+### :bug: Bugs fixed
+
+## 2.5.0
 
 ### :rocket: Epics and highlights
 
diff --git a/docker/images/Dockerfile.frontend b/docker/images/Dockerfile.frontend
index 25ee128ce..39cadd424 100644
--- a/docker/images/Dockerfile.frontend
+++ b/docker/images/Dockerfile.frontend
@@ -11,6 +11,7 @@ RUN set -ex; \
 ADD ./bundle-frontend/ /var/www/app/
 ADD ./files/config.js /var/www/app/js/config.js
 ADD ./files/nginx.conf /etc/nginx/nginx.conf.template
+ADD ./files/resolvers.conf /etc/nginx/overrides.d/resolvers.conf.template
 ADD ./files/nginx-mime.types /etc/nginx/mime.types
 ADD ./files/nginx-entrypoint.sh /entrypoint.sh
 
diff --git a/docker/images/files/nginx-entrypoint.sh b/docker/images/files/nginx-entrypoint.sh
index 74c0042d6..7dae546e7 100644
--- a/docker/images/files/nginx-entrypoint.sh
+++ b/docker/images/files/nginx-entrypoint.sh
@@ -21,10 +21,14 @@ update_flags /var/www/app/js/config.js
 
 export PENPOT_BACKEND_URI=${PENPOT_BACKEND_URI:-http://penpot-backend:6060};
 export PENPOT_EXPORTER_URI=${PENPOT_EXPORTER_URI:-http://penpot-exporter:6061};
-export PENPOT_INTERNAL_RESOLVER=${PENPOT_INTERNAL_RESOLVER:-127.0.0.11};
+PENPOT_DEFAULT_INTERNAL_RESOLVER="$(awk 'BEGIN{ORS=" "} $1=="nameserver" { sub(/%.*$/,"",$2); print ($2 ~ ":")? "["$2"]": $2}' /etc/resolv.conf)";
+export PENPOT_INTERNAL_RESOLVER=${PENPOT_INTERNAL_RESOLVER:-$PENPOT_DEFAULT_INTERNAL_RESOLVER};
 export PENPOT_HTTP_SERVER_MAX_MULTIPART_BODY_SIZE=${PENPOT_HTTP_SERVER_MAX_MULTIPART_BODY_SIZE:-367001600}; # Default to 350MiB
 
-envsubst "\$PENPOT_BACKEND_URI,\$PENPOT_EXPORTER_URI,\$PENPOT_INTERNAL_RESOLVER,\$PENPOT_HTTP_SERVER_MAX_MULTIPART_BODY_SIZE" \
-         < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf
+envsubst "\$PENPOT_BACKEND_URI,\$PENPOT_EXPORTER_URI,\$PENPOT_HTTP_SERVER_MAX_MULTIPART_BODY_SIZE" \
+         < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf;
+
+envsubst "\$PENPOT_INTERNAL_RESOLVER" \
+         < /etc/nginx/overrides.d/resolvers.conf.template > /etc/nginx/overrides.d/resolvers.conf;
 
 exec "$@";
diff --git a/docker/images/files/nginx.conf b/docker/images/files/nginx.conf
index 19f2e3a1a..72e231c26 100644
--- a/docker/images/files/nginx.conf
+++ b/docker/images/files/nginx.conf
@@ -46,7 +46,6 @@ http {
     proxy_buffer_size 16k;
     proxy_busy_buffers_size 24k; # essentially, proxy_buffer_size + 2 small buffers of 4k
     proxy_buffers 32 4k;
-    resolver $PENPOT_INTERNAL_RESOLVER ipv6=off;
 
     map $http_upgrade $connection_upgrade {
         default upgrade;
diff --git a/docker/images/files/resolvers.conf b/docker/images/files/resolvers.conf
new file mode 100644
index 000000000..75e140573
--- /dev/null
+++ b/docker/images/files/resolvers.conf
@@ -0,0 +1 @@
+resolver $PENPOT_INTERNAL_RESOLVER ipv6=off valid=10s;

From 3a34c51e432afc1dd08530d07f487d1479c0c3c7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marina=20L=C3=B3pez?= <marina.lopez.yap@gmail.com>
Date: Fri, 28 Feb 2025 08:01:11 +0100
Subject: [PATCH 4/5] :sparkles: Add pricing page event

---
 frontend/src/app/main/ui/dashboard/sidebar.cljs | 1 +
 1 file changed, 1 insertion(+)

diff --git a/frontend/src/app/main/ui/dashboard/sidebar.cljs b/frontend/src/app/main/ui/dashboard/sidebar.cljs
index a4f327015..46dd0d270 100644
--- a/frontend/src/app/main/ui/dashboard/sidebar.cljs
+++ b/frontend/src/app/main/ui/dashboard/sidebar.cljs
@@ -959,6 +959,7 @@
         on-power-up-click
         (mf/use-fn
          (fn []
+           (st/emit! (ptk/event ::ev/event {::ev/name "explore-pricing-click" ::ev/origin "dashboard" :section "sidebar"}))
            (dom/open-new-window "https://penpot.app/pricing")))]
 
     [:*

From 214a89e20db63816808c8c1dfbca330a98808bbd Mon Sep 17 00:00:00 2001
From: Alejandro Alonso <alejandroalonsofernandez@gmail.com>
Date: Mon, 3 Mar 2025 07:13:23 +0100
Subject: [PATCH 5/5] :paperclip: Update CHANGES.md file

---
 CHANGES.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/CHANGES.md b/CHANGES.md
index 86bc6aa6c..8c46a763c 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,6 +1,6 @@
 # CHANGELOG
 
-## 2.5.1 (Unreleased)
+## 2.5.1
 
 ### :rocket: Epics and highlights