diff --git a/.dockerignore b/.dockerignore index bb0e9eb..bd6836c 100644 --- a/.dockerignore +++ b/.dockerignore @@ -12,4 +12,4 @@ dist README.md LICENSE docs -screenshots +screenshots \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 9ce0cdf..0664425 100644 --- a/Dockerfile +++ b/Dockerfile @@ -4,14 +4,6 @@ FROM node:22-alpine AS builder # Set working directory WORKDIR /app -# Accept build arguments -ARG OAUTH_GITHUB_CLIENT_ID -ARG OAUTH_GITHUB_CLIENT_SECRET - -# Set environment variables from build args -ENV OAUTH_GITHUB_CLIENT_ID=${OAUTH_GITHUB_CLIENT_ID} -ENV OAUTH_GITHUB_CLIENT_SECRET=${OAUTH_GITHUB_CLIENT_SECRET} - # Copy package files COPY package.json package-lock.json* ./ @@ -21,19 +13,28 @@ RUN npm ci # Copy source code COPY . . +# Accept build arguments and set environment variables +ARG OAUTH_GITHUB_CLIENT_ID +ARG OAUTH_GITHUB_CLIENT_SECRET +ENV OAUTH_GITHUB_CLIENT_ID=${OAUTH_GITHUB_CLIENT_ID} +ENV OAUTH_GITHUB_CLIENT_SECRET=${OAUTH_GITHUB_CLIENT_SECRET} + # Build the application RUN npm run build # Stage 2: Production FROM nginx:alpine AS production +# Remove default nginx config +RUN rm -f /etc/nginx/conf.d/default.conf + # Copy built files from builder stage COPY --from=builder /app/dist /usr/share/nginx/html # Copy nginx configuration COPY nginx.conf /etc/nginx/conf.d/default.conf -# Expose port 8091 (for rootless podman) +# Expose port 8091 EXPOSE 8091 # Start nginx diff --git a/nginx.conf b/nginx.conf index 64520d6..b524baa 100644 --- a/nginx.conf +++ b/nginx.conf @@ -1,59 +1,24 @@ server { listen 8091; - server_name localhost; + server_name _; root /usr/share/nginx/html; index index.html; # Gzip compression gzip on; - gzip_vary on; - gzip_min_length 1024; - gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml+rss application/json application/javascript; + gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; - # Security headers - add_header X-Content-Type-Options "nosniff" always; - add_header X-Frame-Options "DENY" always; - add_header X-XSS-Protection "1; mode=block" always; - add_header Referrer-Policy "strict-origin-when-cross-origin" always; - - # Cache control for static assets - location ~* ^/_astro/ { - add_header Cache-Control "public, max-age=31536000, immutable" always; - try_files $uri =404; + # Cache static assets + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ { + expires 1y; + add_header Cache-Control "public, immutable"; } - location ~* ^/assets/ { - add_header Cache-Control "public, max-age=31536000, immutable" always; - try_files $uri =404; - } - - location ~* ^/favicon/ { - add_header Cache-Control "public, max-age=31536000, immutable" always; - try_files $uri =404; - } - - location ~* ^/pio/ { - add_header Cache-Control "public, max-age=31536000, immutable" always; - try_files $uri =404; - } - - # CORS headers for RSS/Atom feeds - location ~* ^/(atom|rss)\.xml$ { - add_header Access-Control-Allow-Origin "*" always; - add_header Access-Control-Allow-Methods "GET" always; - add_header Access-Control-Max-Age "86400" always; - try_files $uri =404; - } - - # Main location - SPA fallback + # Main location location / { try_files $uri $uri/ $uri.html /index.html; } # Error pages error_page 404 /404.html; - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root /usr/share/nginx/html; - } } diff --git a/public/assets/images/particle.png b/public/assets/images/particle.png deleted file mode 100644 index 18f2da0..0000000 Binary files a/public/assets/images/particle.png and /dev/null differ