sneak
818accc454
- Add prettier (4-space indents) and reformat all files - Add Makefile with test/lint/fmt/fmt-check/check/docker targets - Add MIT LICENSE file - Add REPO_POLICIES.md - Fix Dockerfile: listen on 8080 with PORT env var via envsubst - Restructure README.md with all required sections - Set up pre-commit hook (make check) - Update .prettierignore, .gitignore, .dockerignore
51 lines
1.4 KiB
Docker
51 lines
1.4 KiB
Docker
# node:22-alpine as of 2026-02-22
|
|
FROM node@sha256:e4bf2a82ad0a4037d28035ae71529873c069b13eb0455466ae0bc13363826e34 AS build
|
|
WORKDIR /app
|
|
COPY package.json yarn.lock ./
|
|
RUN yarn install --frozen-lockfile
|
|
COPY . .
|
|
RUN yarn build
|
|
|
|
# nginx:stable-alpine as of 2026-02-22
|
|
FROM nginx@sha256:15e96e59aa3b0aada3a121296e3bce117721f42d88f5f64217ef4b18f458c6ab
|
|
# Remove default config
|
|
RUN rm /etc/nginx/conf.d/default.conf
|
|
# Config template — envsubst replaces $PORT at container start
|
|
COPY <<'EOF' /etc/nginx/netwatch.conf.template
|
|
server {
|
|
listen $PORT;
|
|
server_name _;
|
|
|
|
root /usr/share/nginx/html;
|
|
index index.html;
|
|
|
|
# Trust RFC1918 reverse proxies for X-Forwarded-For
|
|
set_real_ip_from 10.0.0.0/8;
|
|
set_real_ip_from 172.16.0.0/12;
|
|
set_real_ip_from 192.168.0.0/16;
|
|
real_ip_header X-Forwarded-For;
|
|
real_ip_recursive on;
|
|
|
|
# Access log to stdout (Docker best practice)
|
|
access_log /dev/stdout combined;
|
|
error_log /dev/stderr warn;
|
|
|
|
location / {
|
|
try_files $uri $uri/ /index.html;
|
|
}
|
|
|
|
# Cache static assets aggressively
|
|
location /assets/ {
|
|
expires 1y;
|
|
add_header Cache-Control "public, immutable";
|
|
}
|
|
}
|
|
EOF
|
|
|
|
COPY --from=build /app/dist /usr/share/nginx/html
|
|
|
|
ENV PORT=8080
|
|
EXPOSE 8080
|
|
|
|
CMD ["/bin/sh", "-c", "envsubst '$PORT' < /etc/nginx/netwatch.conf.template > /etc/nginx/conf.d/netwatch.conf && exec nginx -g 'daemon off;'"]
|