Build frontend in docker for production using nginx

frontend/.docker/nginx/include.d/allcache.conf

@@ -0,0 +1,3 @@
+expires 1y;
+add_header Cache-Control "public";
+access_log off;

frontend/.docker/nginx/include.d/nocache.conf

@@ -0,0 +1,5 @@
+add_header Last-Modified $date_gmt;
+add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
+if_modified_since off;
+expires off;
+etag off;

frontend/.docker/nginx/include.d/root.conf

@@ -0,0 +1,16 @@
+# X-Frame-Options is to prevent from clickJacking attack
+add_header X-Frame-Options SAMEORIGIN;
+
+# disable content-type sniffing on some browsers.
+add_header X-Content-Type-Options nosniff;
+
+# This header enables the Cross-site scripting (XSS) filter
+add_header X-XSS-Protection "1; mode=block";
+
+# This will enforce HTTP browsing into HTTPS and avoid ssl stripping attack
+add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
+
+add_header Referrer-Policy "no-referrer-when-downgrade";
+
+# Enables response header of "Vary: Accept-Encoding"
+gzip_vary on;

frontend/.docker/nginx/include.d/spa.conf

@@ -0,0 +1,19 @@
+listen 80;
+index index.html;
+root /var/www/public/;
+
+location /{{ default .Env.FOLDER_BACKEND "api" }}/ {
+    proxy_pass {{ .Env.URL_BACKEND }};
+}
+
+location / {
+    try_files $uri $uri/ /index.html;
+    include include.d/nocache.conf;
+}
+
+location /static {
+   alias /var/www/public/static/;
+   include include.d/allcache.conf;
+}
+
+include include.d/root.conf;