Halaman utama Jelajahi
Daftar Masuk
parv.ashwani
/
MarkdownPlusPlus
1
0
Fork 0
Berkas Masalah 0 Permintaan Tarik 0 Wiki
Pohon: 57d82e004b
Ranting Tag
MarkdownPlusPlu...
/
Dockerfile

Dockerfile 2.1 KB
Riwayat Mentahan

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455 
  1. # Use nginx as the base image for serving static files
    2. 

  2. FROM nginx:alpine
    3. 

  3. 

  4. # PERF-019: Only copy necessary web files (exclude .git, desktop-app, wiki, etc.)
    5. 

  5. COPY index.html /usr/share/nginx/html/
    6. 

  6. COPY script.js /usr/share/nginx/html/
    7. 

  7. COPY styles.css /usr/share/nginx/html/
    8. 

  8. COPY sw.js /usr/share/nginx/html/
    9. 

  9. COPY manifest.json /usr/share/nginx/html/
    10. 

  10. COPY robots.txt /usr/share/nginx/html/
    11. 

  11. COPY sitemap.xml /usr/share/nginx/html/
    12. 

  12. COPY assets/icon.jpg /usr/share/nginx/html/assets/
    13. 

  13. 

  14. # Create a custom nginx configuration with compression and security
    15. 

  15. # PERF-020: Added gzip compression for text-based assets
    16. 

  16. RUN echo 'server { \
    17. 

  17.     listen 80; \
    18. 

  18.     server_name localhost; \
    19. 

  19.     root /usr/share/nginx/html; \
    20. 

  20.     index index.html; \
    21. 

  21.     \
    22. 

  22.     # Enable gzip compression (PERF-020) \
    23. 

  23.     gzip on; \
    24. 

  24.     gzip_vary on; \
    25. 

  25.     gzip_proxied any; \
    26. 

  26.     gzip_comp_level 6; \
    27. 

  27.     gzip_min_length 256; \
    28. 

  28.     gzip_types text/plain text/css application/json application/javascript text/xml application/xml text/javascript image/svg+xml; \
    29. 

  29.     \
    30. 

  30.     # Handle client-side routing for SPA \
    31. 

  31.     location / { \
    32. 

  32.     try_files $uri $uri/ /index.html; \
    33. 

  33.     } \
    34. 

  34.     \
    35. 

  35.     # Cache static assets \
    36. 

  36.     location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { \
    37. 

  37.     expires 1y; \
    38. 

  38.     add_header Cache-Control "public, immutable"; \
    39. 

  39.     } \
    40. 

  40.     \
    41. 

  41.     # Security headers \
    42. 

  42.     add_header X-Frame-Options "SAMEORIGIN" always; \
    43. 

  43.     add_header X-Content-Type-Options "nosniff" always; \
    44. 

  44.     add_header X-XSS-Protection "1; mode=block" always; \
    45. 

  45.     add_header Referrer-Policy "strict-origin-when-cross-origin" always; \
    46. 

  46.     # PERF-029: Content Security Policy for defense-in-depth \
    47. 

  47.     add_header Content-Security-Policy "default-src '"'"'self'"'"'; script-src '"'"'self'"'"' cdnjs.cloudflare.com cdn.jsdelivr.net '"'"'unsafe-inline'"'"'; style-src '"'"'self'"'"' cdnjs.cloudflare.com cdn.jsdelivr.net '"'"'unsafe-inline'"'"'; img-src '"'"'self'"'"' https: data: blob:; font-src '"'"'self'"'"' cdn.jsdelivr.net; connect-src '"'"'self'"'"' api.github.com raw.githubusercontent.com;" always; \
    48. 

  48.     }' > /etc/nginx/conf.d/default.conf
    49. 

  49. 

  50. # Expose port 80
    51. 

  51. EXPOSE 80
    52. 

  52. 

  53. # Start nginx
    54. 

  54. CMD ["nginx", "-g", "daemon off;"]
    55. 

  55.