Fix aiomysql pool_pre_ping crash, add rate limiting and security hardening

Remove pool_pre_ping=True to fix startup crash caused by aiomysql 0.2.0
async adapter requiring a reconnect argument SQLAlchemy does not pass.
Add slowapi rate limiting, structured logging, CORS config, backend
health check, and nginx security headers.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
2026-05-25 00:44:23 -07:00
parent 866c2e0bed
commit ef8b44934c
10 changed files with 67 additions and 11 deletions
+7
View File
@@ -1,9 +1,16 @@
server {
listen 80;
server_tokens off;
root /usr/share/nginx/html;
index index.html;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self';" always;
location / {
try_files $uri $uri/ /index.html;
}