-
Notifications
You must be signed in to change notification settings - Fork 56
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing
3 changed files
with
87 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| # nginx.conf | ||
|
|
||
| events { | ||
| } | ||
|
|
||
| http { | ||
| server { | ||
| # Redirect HTTP requests to HTTPS. | ||
| listen 80; | ||
|
|
||
| return 307 https://$host$request_uri; | ||
| } | ||
|
|
||
| server { | ||
| listen 443 ssl; | ||
|
|
||
| server_tokens off; | ||
|
|
||
| ssl_certificate /etc/nginx/ssl/my_ssl_cert.crt; | ||
| ssl_certificate_key /etc/nginx/ssl/my_ssl_key.key; | ||
|
|
||
| location / { | ||
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | ||
| proxy_set_header X-Forwarded-Proto https; | ||
| proxy_set_header X-Forwarded-Ssl on; | ||
| proxy_set_header Host $http_host; | ||
| proxy_redirect off; | ||
| proxy_pass http://127.0.0.1:3000; | ||
| proxy_buffers 8 16k; | ||
| proxy_buffer_size 16k; | ||
| proxy_cookie_path / "/; HTTPOnly; Secure"; | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| FROM node:20-alpine AS base | ||
|
|
||
| ARG WORKSPACE | ||
| ENV WORKSPACE $WORKSPACE | ||
|
|
||
| ENV NEXT_TELEMETRY_DISABLED 1 | ||
|
|
||
| FROM base AS development | ||
|
|
||
| ENV NODE_ENV development | ||
|
|
||
| WORKDIR /app | ||
|
|
||
| RUN apk add --no-cache libc6-compat | ||
|
|
||
| COPY $WORKSPACE ./$WORKSPACE | ||
| COPY /packages /app/packages | ||
| COPY package.json /app | ||
| COPY package-lock.json /app | ||
|
|
||
| RUN npm install | ||
|
|
||
| CMD ["npm", "run", "dev", "--workspace", "${WORKSPACE}"] | ||
|
|
||
| FROM development AS builder | ||
|
|
||
| WORKDIR /app | ||
|
|
||
| ENV NODE_ENV production | ||
|
|
||
| RUN npm run build -w $WORKSPACE | ||
|
|
||
| FROM base AS production | ||
|
|
||
| WORKDIR /app | ||
|
|
||
| ENV NODE_ENV production | ||
|
|
||
| COPY --from=builder /app/$WORKSPACE/public ./$WORKSPACE/public | ||
| COPY --from=builder /app/$WORKSPACE/.next/standalone ./ | ||
| COPY --from=builder /app/$WORKSPACE/.next/static ./$WORKSPACE/.next/static | ||
|
|
||
| RUN apk add --no-cache libcap nginx openssl | ||
| RUN setcap cap_net_bind_service=+ep `readlink -f \`which node\`` | ||
|
|
||
| RUN apk add --no-cache nginx | ||
| RUN mkdir -p /etc/nginx/ssl | ||
| RUN openssl req -x509 -newkey rsa:4096 -sha256 -nodes -keyout /etc/nginx/ssl/my_ssl_key.key -out /etc/nginx/ssl/my_ssl_cert.crt -subj "/CN=cloudmos.io" -days 600 | ||
| COPY apps/deploy-web/nginx.conf /etc/nginx/nginx.conf | ||
| RUN nginx -t | ||
|
|
||
| CMD sed -i "s/127.0.0.1/$(hostname -i)/" /etc/nginx/nginx.conf && nginx && node apps/deploy-web/server.js |