From 1e267507dd2f0508d3a54c212fd8d6ab979871c0 Mon Sep 17 00:00:00 2001 From: Ricardo Paes Date: Sun, 6 Feb 2022 03:03:58 -0300 Subject: [PATCH] Build frontend in docker for production using nginx --- frontend/.docker/nginx/conf.d/default.conf | 4 ++++ .../.docker/nginx/include.d/allcache.conf | 3 +++ frontend/.docker/nginx/include.d/nocache.conf | 5 ++++ frontend/.docker/nginx/include.d/root.conf | 16 +++++++++++++ frontend/.docker/nginx/include.d/spa.conf | 19 +++++++++++++++ frontend/Dockerfile | 24 +++++++++++++++++++ 6 files changed, 71 insertions(+) create mode 100755 frontend/.docker/nginx/conf.d/default.conf create mode 100755 frontend/.docker/nginx/include.d/allcache.conf create mode 100755 frontend/.docker/nginx/include.d/nocache.conf create mode 100755 frontend/.docker/nginx/include.d/root.conf create mode 100755 frontend/.docker/nginx/include.d/spa.conf create mode 100644 frontend/Dockerfile diff --git a/frontend/.docker/nginx/conf.d/default.conf b/frontend/.docker/nginx/conf.d/default.conf new file mode 100755 index 0000000..5e91aa8 --- /dev/null +++ b/frontend/.docker/nginx/conf.d/default.conf @@ -0,0 +1,4 @@ +server { + server_name _; + include include.d/spa.conf; +} diff --git a/frontend/.docker/nginx/include.d/allcache.conf b/frontend/.docker/nginx/include.d/allcache.conf new file mode 100755 index 0000000..36aa6d2 --- /dev/null +++ b/frontend/.docker/nginx/include.d/allcache.conf @@ -0,0 +1,3 @@ +expires 1y; +add_header Cache-Control "public"; +access_log off; diff --git a/frontend/.docker/nginx/include.d/nocache.conf b/frontend/.docker/nginx/include.d/nocache.conf new file mode 100755 index 0000000..d2f4f9d --- /dev/null +++ b/frontend/.docker/nginx/include.d/nocache.conf @@ -0,0 +1,5 @@ +add_header Last-Modified $date_gmt; +add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0'; +if_modified_since off; +expires off; +etag off; \ No newline at end of file diff --git a/frontend/.docker/nginx/include.d/root.conf b/frontend/.docker/nginx/include.d/root.conf new file mode 100755 index 0000000..09aac30 --- /dev/null +++ b/frontend/.docker/nginx/include.d/root.conf @@ -0,0 +1,16 @@ +# X-Frame-Options is to prevent from clickJacking attack +add_header X-Frame-Options SAMEORIGIN; + +# disable content-type sniffing on some browsers. +add_header X-Content-Type-Options nosniff; + +# This header enables the Cross-site scripting (XSS) filter +add_header X-XSS-Protection "1; mode=block"; + +# This will enforce HTTP browsing into HTTPS and avoid ssl stripping attack +add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;"; + +add_header Referrer-Policy "no-referrer-when-downgrade"; + +# Enables response header of "Vary: Accept-Encoding" +gzip_vary on; \ No newline at end of file diff --git a/frontend/.docker/nginx/include.d/spa.conf b/frontend/.docker/nginx/include.d/spa.conf new file mode 100755 index 0000000..a2147f0 --- /dev/null +++ b/frontend/.docker/nginx/include.d/spa.conf @@ -0,0 +1,19 @@ +listen 80; +index index.html; +root /var/www/public/; + +location /{{ default .Env.FOLDER_BACKEND "api" }}/ { + proxy_pass {{ .Env.URL_BACKEND }}; +} + +location / { + try_files $uri $uri/ /index.html; + include include.d/nocache.conf; +} + +location /static { + alias /var/www/public/static/; + include include.d/allcache.conf; +} + +include include.d/root.conf; \ No newline at end of file diff --git a/frontend/Dockerfile b/frontend/Dockerfile new file mode 100644 index 0000000..e1db5d4 --- /dev/null +++ b/frontend/Dockerfile @@ -0,0 +1,24 @@ +FROM node:14-alpine as build-deps +WORKDIR /usr/src/app +COPY package.json package-lock.json ./ +RUN npm install +COPY .env* ./ +COPY src/ ./src/ +COPY public/ ./public/ +RUN echo "REACT_APP_BACKEND_URL=/api/" > .env.production +RUN npm run build + +FROM nginx:alpine + +RUN apk add --no-cache openssl +ENV DOCKERIZE_VERSION v0.6.1 +RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSION/dockerize-alpine-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ + && tar -C /usr/local/bin -xzvf dockerize-alpine-linux-amd64-$DOCKERIZE_VERSION.tar.gz \ + && rm dockerize-alpine-linux-amd64-$DOCKERIZE_VERSION.tar.gz + +COPY .docker/nginx /etc/nginx/ +COPY --from=build-deps /usr/src/app/build /var/www/public/ +EXPOSE 80 + +RUN echo "dockerize -template /etc/nginx/include.d/spa.conf:/etc/nginx/include.d/spa.conf" > /docker-entrypoint.d/01-change-url-backend.sh \ + && chmod +x /docker-entrypoint.d/01-change-url-backend.sh \ No newline at end of file