From dfe08943058db39c6327005fd701b46a6858be34 Mon Sep 17 00:00:00 2001
From: Welton Moura <weltonmoura@live.com>
Date: Sun, 5 Apr 2026 12:29:30 -0300
Subject: [PATCH] feat: configure ALLOWED_HOSTS dynamically via environment
 variables in settings and docker-compose

---
 docker-compose.yml     | 2 +-
 gestaoRaul/settings.py | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 75c6a3c..cf31f39 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -10,7 +10,7 @@ services:
 
     environment:
       - DEBUG=True
-      - ALLOWED_HOSTS=*
+      - ALLOWED_HOSTS=raulrockbar.com.br,api.raulrockbar.com.br
       - CSRF_TRUSTED_ORIGINS=https://raulrockbar.com.br,https://api.raulrockbar.com.br
 
     volumes:
diff --git a/gestaoRaul/settings.py b/gestaoRaul/settings.py
index 07ead03..b2f49d9 100644
--- a/gestaoRaul/settings.py
+++ b/gestaoRaul/settings.py
@@ -36,6 +36,8 @@ SECRET_KEY = os.getenv(
     "SECRET_KEY", "django-insecure-mqcnrs5!hc6bj$&#0@@9d8^2@x#w&$qhk3vlr5_)3znd9h6&d8"
 )
 
+ALLOWED_HOSTS = os.getenv("ALLOWED_HOSTS", "*").split(",")
+
 # SECURITY WARNING: don't run with debug turned on in production!
 DEBUG = os.getenv("DEBUG", "True") == "True"