This commit is contained in:
69
Dockerfile
69
Dockerfile
@ -1,74 +1,13 @@
|
|||||||
# Build stage
|
FROM node:20 as builder
|
||||||
FROM node:20-alpine as build
|
|
||||||
|
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
|
COPY package*.json ./
|
||||||
# Copy package files
|
|
||||||
COPY package.json package-lock.json ./
|
|
||||||
|
|
||||||
# Install dependencies
|
|
||||||
RUN npm install
|
RUN npm install
|
||||||
|
|
||||||
# Copy source code
|
|
||||||
COPY . .
|
COPY . .
|
||||||
|
|
||||||
# Build the application
|
|
||||||
RUN npm run build
|
RUN npm run build
|
||||||
|
|
||||||
# Production stage
|
|
||||||
FROM nginx:alpine
|
FROM nginx:alpine
|
||||||
|
COPY --from=builder /app/dist /usr/share/nginx/html
|
||||||
# Install necessary tools
|
COPY nginx.conf /etc/nginx/conf.d/default.conf
|
||||||
RUN apk add --no-cache curl
|
|
||||||
|
|
||||||
# Create nginx configuration
|
|
||||||
RUN echo 'server { \
|
|
||||||
listen 80; \
|
|
||||||
server_name localhost; \
|
|
||||||
root /usr/share/nginx/html; \
|
|
||||||
index index.html; \
|
|
||||||
\
|
|
||||||
# Gzip compression \
|
|
||||||
gzip on; \
|
|
||||||
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; \
|
|
||||||
\
|
|
||||||
# Security headers \
|
|
||||||
add_header X-Frame-Options "SAMEORIGIN"; \
|
|
||||||
add_header X-XSS-Protection "1; mode=block"; \
|
|
||||||
add_header X-Content-Type-Options "nosniff"; \
|
|
||||||
\
|
|
||||||
# Trust proxy headers \
|
|
||||||
real_ip_header X-Forwarded-For; \
|
|
||||||
set_real_ip_from 0.0.0.0/0; \
|
|
||||||
\
|
|
||||||
# Handle proxy headers \
|
|
||||||
proxy_set_header Host $host; \
|
|
||||||
proxy_set_header X-Real-IP $remote_addr; \
|
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; \
|
|
||||||
proxy_set_header X-Forwarded-Proto $scheme; \
|
|
||||||
\
|
|
||||||
location / { \
|
|
||||||
try_files $uri $uri/ /index.html; \
|
|
||||||
} \
|
|
||||||
\
|
|
||||||
# Cache static assets \
|
|
||||||
location /assets/ { \
|
|
||||||
expires 1y; \
|
|
||||||
add_header Cache-Control "public, no-transform"; \
|
|
||||||
} \
|
|
||||||
\
|
|
||||||
# Error pages \
|
|
||||||
error_page 404 /index.html; \
|
|
||||||
error_page 500 502 503 504 /50x.html; \
|
|
||||||
location = /50x.html { \
|
|
||||||
root /usr/share/nginx/html; \
|
|
||||||
} \
|
|
||||||
}' > /etc/nginx/conf.d/default.conf
|
|
||||||
|
|
||||||
# Copy built assets from build stage
|
|
||||||
COPY --from=build /app/dist /usr/share/nginx/html
|
|
||||||
|
|
||||||
# Expose port 80
|
|
||||||
EXPOSE 80
|
EXPOSE 80
|
||||||
|
|
||||||
CMD ["nginx", "-g", "daemon off;"]
|
CMD ["nginx", "-g", "daemon off;"]
|
84
nginx.conf
84
nginx.conf
@ -1,29 +1,85 @@
|
|||||||
server {
|
server {
|
||||||
listen 80;
|
listen 80;
|
||||||
server_name localhost;
|
server_name ebook.miduway.space;
|
||||||
root /usr/share/nginx/html;
|
|
||||||
index index.html;
|
|
||||||
|
|
||||||
# Gzip compression
|
# Редирект всех HTTP-запросов на HTTPS
|
||||||
gzip on;
|
return 301 https://$host$request_uri;
|
||||||
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
|
}
|
||||||
|
|
||||||
# Security headers
|
server {
|
||||||
add_header X-Frame-Options "SAMEORIGIN";
|
listen 443 ssl;
|
||||||
add_header X-XSS-Protection "1; mode=block";
|
server_name ebook.miduway.space;
|
||||||
add_header X-Content-Type-Options "nosniff";
|
|
||||||
|
|
||||||
|
# SSL-сертификаты
|
||||||
|
ssl_certificate /etc/letsencrypt/live/ebook.miduway.space/fullchain.pem;
|
||||||
|
ssl_certificate_key /etc/letsencrypt/live/ebook.miduway.space/privkey.pem;
|
||||||
|
|
||||||
|
# Настройки SSL
|
||||||
|
ssl_protocols TLSv1.2 TLSv1.3;
|
||||||
|
ssl_ciphers HIGH:!aNULL:!MD5;
|
||||||
|
ssl_prefer_server_ciphers on;
|
||||||
|
ssl_session_cache shared:SSL:10m;
|
||||||
|
ssl_session_timeout 10m;
|
||||||
|
|
||||||
|
# Проксирование к Docker-контейнеру
|
||||||
location / {
|
location / {
|
||||||
|
proxy_pass http://localhost:80;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
|
proxy_set_header Connection 'upgrade';
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_cache_bypass $http_upgrade;
|
||||||
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto $scheme;
|
||||||
|
|
||||||
|
# Настройки для Vue.js
|
||||||
try_files $uri $uri/ /index.html;
|
try_files $uri $uri/ /index.html;
|
||||||
|
add_header Cache-Control "no-cache, no-store, must-revalidate";
|
||||||
}
|
}
|
||||||
|
|
||||||
# Cache static assets
|
# Кэширование статических файлов Vue
|
||||||
location /assets/ {
|
location /js/ {
|
||||||
|
proxy_pass http://localhost:80;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_cache_bypass $http_upgrade;
|
||||||
|
|
||||||
|
# Настройки кэширования для JS файлов
|
||||||
expires 1y;
|
expires 1y;
|
||||||
add_header Cache-Control "public, no-transform";
|
add_header Cache-Control "public, immutable";
|
||||||
}
|
}
|
||||||
|
|
||||||
# Error pages
|
location /css/ {
|
||||||
|
proxy_pass http://localhost:80;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_cache_bypass $http_upgrade;
|
||||||
|
|
||||||
|
# Настройки кэширования для CSS файлов
|
||||||
|
expires 1y;
|
||||||
|
add_header Cache-Control "public, immutable";
|
||||||
|
}
|
||||||
|
|
||||||
|
location /img/ {
|
||||||
|
proxy_pass http://localhost:80;
|
||||||
|
proxy_http_version 1.1;
|
||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_cache_bypass $http_upgrade;
|
||||||
|
|
||||||
|
# Настройки кэширования для изображений
|
||||||
|
expires 1y;
|
||||||
|
add_header Cache-Control "public, immutable";
|
||||||
|
}
|
||||||
|
|
||||||
|
# Блокировка доступа к скрытым файлам
|
||||||
|
location ~ /\. {
|
||||||
|
deny all;
|
||||||
|
access_log off;
|
||||||
|
log_not_found off;
|
||||||
|
}
|
||||||
|
|
||||||
|
# Обработка ошибок для Vue.js
|
||||||
error_page 404 /index.html;
|
error_page 404 /index.html;
|
||||||
error_page 500 502 503 504 /50x.html;
|
error_page 500 502 503 504 /50x.html;
|
||||||
location = /50x.html {
|
location = /50x.html {
|
||||||
|
@ -1,8 +1,15 @@
|
|||||||
import { defineConfig } from "vite";
|
import { defineConfig } from 'vite'
|
||||||
import vue from "@vitejs/plugin-vue";
|
import vue from '@vitejs/plugin-vue'
|
||||||
import tailwindcss from "@tailwindcss/vite";
|
import tailwindcss from '@tailwindcss/vite'
|
||||||
|
|
||||||
// https://vite.dev/config/
|
|
||||||
export default defineConfig({
|
export default defineConfig({
|
||||||
plugins: [vue(), tailwindcss()],
|
plugins: [vue(), tailwindcss()],
|
||||||
});
|
build: {
|
||||||
|
outDir: '../www/ebook.miduway.space/dist', // Output to Nginx served directory
|
||||||
|
emptyOutDir: true,
|
||||||
|
},
|
||||||
|
server: {
|
||||||
|
host: '0.0.0.0', // Allow Docker container access
|
||||||
|
port: 4002,
|
||||||
|
},
|
||||||
|
})
|
||||||
|
Reference in New Issue
Block a user