Brunobrno/STANDART
Template
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

k

Browse Source
This commit is contained in:
David Bruno Vontor
2025-10-24 03:11:15 +02:00
parent e4048f90e5
commit 680e8a4e56
5 changed files with 204 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
frontend/.env-frontend → frontend/.env
View File

16
frontend/Dockerfile.prod Normal file
View File

@@ -0,0 +1,16 @@
# Step 1: Build React (Vite) app
FROM node:22-alpine AS build
WORKDIR /app
COPY package*.json ./
# If package-lock.json exists, npm ci is faster and reproducible
RUN npm ci || npm install
COPY . .
ENV NODE_ENV=production
RUN npm run build
# Step 2: Nginx runtime
FROM nginx:1.27-alpine
COPY nginx/nginx.conf /etc/nginx/conf.d/default.conf
COPY --from=build /app/dist /usr/share/nginx/html
EXPOSE 80
CMD ["nginx", "-g", "daemon off;"]

70
frontend/nginx/nginx.conf Normal file
View File

@@ -0,0 +1,70 @@
# nginx.conf
worker_processes auto;
user nginx;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
client_max_body_size 50m;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name _;
# -------------------------
# React frontend
# -------------------------
root /usr/share/nginx/html;
index index.html;
location / {
try_files $uri /index.html;
}
# # -------------------------
# # Django backend API
# # -------------------------
# # Serve Django static and media volumes mounted into the container
# location /static/ {
# alias /app/collectedstaticfiles/;
# }
# location /media/ {
# alias /app/media/;
# }
# # Same-origin proxy for API -> avoids CORS and allows cookies
# location /api {
# return 301 /api/;
# }
# location /api/ {
# proxy_pass http://backend:8000;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Proto $scheme;
# proxy_http_version 1.1;
# proxy_set_header Connection "";
# proxy_buffering off;
# client_max_body_size 50m;
# }
# -------------------------
# Security headers
# -------------------------
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
add_header Referrer-Policy "strict-origin-when-cross-origin";
# Minimal, valid CSP for development
add_header Content-Security-Policy "default-src 'self'; frame-src 'self' https://www.google.com https://*.google.com https://*.google.cz; frame-ancestors 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' 'unsafe-inline'; img-src 'self' data: blob: https:; connect-src 'self' http://127.0.0.1:8000 http://localhost:8000 ws: wss:; font-src 'self' data:";
}
}

2
frontend/src/components/main/Nav.tsx
View File

@@ -26,7 +26,7 @@ export default function Nav() {
{/* Brand */}
<Link to="/" className="flex items-center m-0 p-0" aria-label={t('nav.brandAlt')}>
<img
src="/public/images/logo.png"
src="/images/logo.png"
alt={t('nav.brandAlt')}
className="block h-16 w-auto m-0 p-0 object-contain select-none"
draggable={false}