Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit 5fcd7b8

Browse files
Merge develop to main (#41)
* package dependencies, docker-compose file, deployment scripts and nginx configurations updates - Change default branch from master to main - Upgraded package dependencies - Updated docker-compose file - Updated nginx configurations - Updated deployment scripts - Added more nginx configurations - Added volumes to the react service * Updated README.md issues page link * Bugfixes package docker upgrades sep2023 (#39) * Merge develop to main (#18) * package dependencies, docker-compose file, deployment scripts and nginx configurations updates - Change default branch from master to main - Upgraded package dependencies - Updated docker-compose file - Updated nginx configurations - Updated deployment scripts - Added more nginx configurations - Added volumes to the react service * Updated README.md issues page link * Bugfixes package docker upgrades jan2023 (#37) * Dependency upgrades to latest stable version * Remove unnecessary docker compose version declaration * Added more nginx configurations * Upgraded nginx and debian docker images to latest stable release * Package dependency updates * Docker nginx updates (#40) * Updated docker images to latest versions * Enabled ssl stapling * Removed unnecessary commented out code
1 parent d69517a commit 5fcd7b8

File tree

4 files changed

+2386
-1964
lines changed

4 files changed

+2386
-1964
lines changed

‎docker/Dockerfile‎

Lines changed: 16 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,6 @@
1+
# Stage 1: Build React App
12
# base image
2-
FROM node:19.4.0-alpine as builder
3+
FROM node:20.5-alpine as builder
34
# send signal to containers to stop them
45
STOPSIGNAL SIGTERM
56
# create working directory
@@ -10,13 +11,16 @@ WORKDIR /usr/src/reactapp
1011
COPY package*.json ./
1112
# install dependencies with precise, for more stories visit - https://yarnpkg.com/lang/en/docs/cli/install/
1213
RUN yarn install --silent --non-interactive --frozen-lockfile --ignore-optional
14+
# Copy the entire project
1315
COPY . .
16+
# Build the app
1417
RUN PUBLIC_URL=/ yarn run build
15-
FROM nginx:1.23.3-alpine as reactapp
18+
# Stage 2: Serve App with Nginx
19+
FROM nginx:1.25.2-alpine as reactapp
1620
# Install a self signed SSL certificate with no locally cached packages
17-
FROM debian:11.6-slim
18-
# Open SSL Version pinning - https://debian.pkgs.org/11/debian-main-amd64/openssl_1.1.1n-0+deb11u3_amd64.deb.html
19-
RUN apt-get update && apt-get install -y --no-install-recommends nginx openssl=1.1.1n-0+deb11u3 \
21+
FROM debian:11.7-slim
22+
# Open SSL Version pinning - https://debian.pkgs.org/11/debian-main-amd64/openssl_1.1.1n-0+deb11u4_amd64.deb.html
23+
RUN apt-get update && apt-get install -y --no-install-recommends nginx openssl=1.1.1n-0+deb11u4 \
2024
&& apt-get clean \
2125
&& rm -rf /var/lib/apt/lists/* \
2226
&& openssl req \
@@ -27,12 +31,16 @@ RUN apt-get update && apt-get install -y --no-install-recommends nginx openssl=1
2731
-new \
2832
-newkey rsa:2048 \
2933
-keyout /etc/ssl/private/nginx-selfsigned.key \
30-
-out /etc/ssl/certs/nginx-selfsigned.crt
31-
34+
-out /etc/ssl/certs/nginx-selfsigned.crt \
35+
# Remove the default content in the Nginx document root directory before copying the built React app into it.
3236
RUN rm -rf /usr/share/nginx/html/*
37+
# Copy Nginx configuration files
3338
COPY --from=builder /usr/src/reactapp/nginx/nginx.conf /etc/nginx/nginx.conf
3439
COPY --from=builder /usr/src/reactapp/nginx/nginxconfig/general.conf /etc/nginx/general.conf
3540
COPY --from=builder /usr/src/reactapp/nginx/nginxconfig/security.conf /etc/nginx/security.conf
41+
# Copy built React app
3642
COPY --from=builder /usr/src/reactapp/build /usr/share/nginx/html
43+
# Expose ports
3744
EXPOSE 80 443
38-
CMD ["/bin/bash", "-c", "nginx -g \"daemon off;\""]
45+
# Start Nginx
46+
CMD ["nginx", "-g", "daemon off;"]

‎docker/nginx.conf‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -121,7 +121,7 @@ http
121121
# http://blog.mozilla.org/security/2013/07/29/ocsp-stapling-in-firefox/
122122
#Cloudflare resolver 1dot1dot1dot1.cloudflare-dns.com
123123
# Enables or disables stapling of OCSP responses by the server.
124-
ssl_stapling off;
124+
ssl_stapling on;
125125
ssl_stapling_verify on;
126126
resolver 1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001] 8.8.8.8 8.8.4.4 [2001:4860:4860::8888] [2001:4860:4860::8844] 208.67.222.222 208.67.220.220 [2620:119:35::35] [2620:119:53::53] 9.9.9.9 149.112.112.112 [2620:fe::fe] [2620:fe::9] 64.6.64.6 64.6.65.6 [2620:74:1b::1:1] [2620:74:1c::2:2] valid=60s;
127127
resolver_timeout 5s;

‎docker/nginxconfig/general.conf‎

Lines changed: 0 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -43,12 +43,6 @@ if ($request_method !~ ^(GET|PUT|POST)$ )
4343
{
4444
return 444;
4545
}
46-
## In this case, it does not accept other HTTP method such as HEAD, DELETE, SEARCH, TRACE ##
47-
## Only allow access to these domains/sub-domains kakbima.com and localhost
48-
#if ($host !~ ^(accounts.kakbima.com|accounts.kakbima.dev|mua.kakbima.co.ke)$ )
49-
#{
50-
# return 444;
51-
#}
5246
#Gzip can help reduce the amount of network transfer Nginx deals with. However, be careful increasing the gzip_comp_level too high as the server will begin wasting cpu cycles.
5347
#For those using Cloudflare as their CDN this is already taken care of - https://support.cloudflare.com/hc/en-us/articles/200168086-Does-Cloudflare-compress-resources-
5448
#If you want to enable compression, set the value of this directive to on. By default, it is disabled.

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /