dlawler489/etsy-finance-tracker
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
etsy-finance-tracker/Dockerfile
dlawler489 b2da6c69ed Add Nginx reverse proxy for production deployment 
Architecture Updates:
- Nginx serves static React files for optimal performance
- Nginx proxies API requests to Node.js backend (port 8080)
- Separation of concerns: static files vs API handling
- Professional production setup with proper caching

Features Added:
- nginx.conf with optimized configuration:
  - Static file serving with long-term caching
  - API reverse proxy with rate limiting
  - Security headers and GZIP compression
  - Health check proxying and SPA routing support
- Updated docker-compose.yml for multi-container setup
- build-deploy.sh script for automated deployment
- Updated environment configuration for container networking

Security & Performance:
- Rate limiting on API and auth endpoints
- Security headers (XSS, CSRF, clickjacking protection)
- GZIP compression for static assets
- Proper cache control headers
- Container-to-container communication

Deployment:
- Single command deployment with ./build-deploy.sh
- Nginx on port 80 (exposed as 3000) serving React app
- API server on internal port 8080 (not exposed)
- Persistent data volume mounting for business files
2026-04-21 06:30:44 +10:00

58 lines
No EOL
1.6 KiB
Docker
Raw Blame History

# Multi-stage build for production-ready Etsy Finance Tracker with Nginx
# Stage 1: Build the React client
FROM node:18-alpine AS client-build
WORKDIR /app/client
# Copy client package files
COPY client/package*.json ./
RUN npm ci --only=production
# Copy client source and build
COPY client/ ./
RUN npm run build
# Stage 2: Build the Node.js server
FROM node:18-alpine AS server-build
WORKDIR /app/server
# Copy server package files
COPY server/package*.json ./
RUN npm ci --only=production
# Copy server source and build
COPY server/ ./
RUN npm run build
# Stage 3: Production API server (no static files)
FROM node:18-alpine AS production
WORKDIR /app
# Install dumb-init for proper signal handling and curl for health checks
RUN apk add --no-cache dumb-init curl
# Create non-root user for security
RUN addgroup -g 1001 -S nodejs
RUN adduser -S nodejs -u 1001
# Copy built server
COPY --from=server-build --chown=nodejs:nodejs /app/server/dist ./server/
COPY --from=server-build --chown=nodejs:nodejs /app/server/node_modules ./server/node_modules/
COPY --from=server-build --chown=nodejs:nodejs /app/server/package*.json ./server/
# Create data directory for persistent storage
RUN mkdir -p /app/data && chown nodejs:nodejs /app/data
# Switch to non-root user
USER nodejs
# Expose API port (nginx will handle port 80)
EXPOSE 8080
# Health check for API server
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD curl -f http://localhost:8080/health || exit 1
# Start the API server
ENTRYPOINT ["dumb-init", "--"]
CMD ["node", "server/index.js"]
Reference in a new issue View git blame Copy permalink