refactor: self hosting setup (#411)

* merge-commit: self hosted updates

* dev: updates in self hosting setup

* dev: update script to get the instance IP

* dev: update script to generate backend secret key

apiserver/plane/settings/production.py

@@ -22,13 +22,7 @@ DATABASES = {
     }
 }
 
-# CORS WHITELIST ON PROD
-CORS_ORIGIN_WHITELIST = [
-    # "https://example.com",
-    # "https://sub.example.com",
-    # "http://localhost:8080",
-    # "http://127.0.0.1:9000"
-]
+
 # Parse database configuration from $DATABASE_URL
 DATABASES["default"] = dj_database_url.config()
 SITE_ID = 1
@@ -43,12 +37,33 @@ DOCKERIZED = os.environ.get(
 # Honor the 'X-Forwarded-Proto' header for request.is_secure()
 SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
 
-# Allow all host headers
-ALLOWED_HOSTS = ["*"]
 
 # TODO: Make it FALSE and LIST DOMAINS IN FULL PROD.
 CORS_ALLOW_ALL_ORIGINS = True
 
+
+CORS_ALLOW_METHODS = [
+    "DELETE",
+    "GET",
+    "OPTIONS",
+    "PATCH",
+    "POST",
+    "PUT",
+]
+
+CORS_ALLOW_HEADERS = [
+    "accept",
+    "accept-encoding",
+    "authorization",
+    "content-type",
+    "dnt",
+    "origin",
+    "user-agent",
+    "x-csrftoken",
+    "x-requested-with",
+]
+
+CORS_ALLOW_CREDENTIALS = True
 # Simplified static file serving.
 STATICFILES_STORAGE = "whitenoise.storage.CompressedManifestStaticFilesStorage"