From abfd0bf636f93b371687dda4dddae8022a457575 Mon Sep 17 00:00:00 2001 From: Greg Date: Thu, 29 May 2025 15:35:27 +0200 Subject: [PATCH] refactor: simplify to static Nginx server by removing Node.js API and authentication components --- Dockerfile | 70 ++++++++++++++++++---------------------------- docker-compose.yml | 33 ++-------------------- nginx.conf | 50 +-------------------------------- 3 files changed, 30 insertions(+), 123 deletions(-) diff --git a/Dockerfile b/Dockerfile index 98e07a9..24783c6 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,51 +1,35 @@ -# Multi-stage build for smaller final image -FROM node:18-alpine AS base - -# Install dependencies for the data API -WORKDIR /app -COPY package*.json ./ -RUN npm install --production - -# Build stage for the web application -FROM node:18-alpine AS web-builder -WORKDIR /app - -# Copy all application files -COPY . . - -# Final stage +# Use Nginx as the base image for serving static content FROM nginx:alpine -# Create directory for persistent data storage -RUN mkdir -p /data && chmod -R 755 /data - -# Install Node.js for the data API -RUN apk add --no-cache nodejs npm supervisor - -# Copy the static website files to the Nginx serving directory -COPY --from=web-builder /app /usr/share/nginx/html - -# Copy the Node.js dependencies and API scripts -COPY --from=base /app/node_modules /usr/share/nginx/api/node_modules -COPY data-api.js /usr/share/nginx/api/ -COPY backup-s3.js /usr/share/nginx/api/ -COPY auth-middleware.js /usr/share/nginx/api/ -COPY login.html /usr/share/nginx/api/ -COPY generate-htpasswd.js /usr/share/nginx/api/ - -# Copy a custom Nginx configuration that includes the data API proxy +# Copy the custom Nginx configuration +# This replaces the default Nginx configuration COPY nginx.conf /etc/nginx/conf.d/default.conf -COPY nginx-auth.conf /etc/nginx/auth.conf -# Copy supervisor configuration -COPY supervisord.conf /etc/supervisord.conf +# Copy all static website files to the Nginx serving directory +# This includes HTML, CSS, JavaScript, images, and the js/dataManager.js for client-side logic +COPY . /usr/share/nginx/html -# Clean up unnecessary files from the HTML directory -RUN cd /usr/share/nginx/html && \ - rm -rf node_modules Dockerfile docker-compose.yml nginx.conf supervisord.conf data-api.js package*.json .git* .vscode +# Remove unnecessary files and directories from the Nginx serving directory +# This helps to keep the final image size small and clean +RUN rm -rf /usr/share/nginx/html/Dockerfile \ + /usr/share/nginx/html/docker-compose.yml \ + /usr/share/nginx/html/nginx.conf \ + /usr/share/nginx/html/nginx-auth.conf \ + /usr/share/nginx/html/supervisord.conf \ + /usr/share/nginx/html/data-api.js \ + /usr/share/nginx/html/auth-middleware.js \ + /usr/share/nginx/html/backup-s3.js \ + /usr/share/nginx/html/package.json \ + /usr/share/nginx/html/package-lock.json \ + /usr/share/nginx/html/node_modules \ + /usr/share/nginx/html/.git \ + /usr/share/nginx/html/.github \ + /usr/share/nginx/html/.vscode \ + /usr/share/nginx/html/README.md -# Expose port 80 +# Expose port 80 for HTTP traffic EXPOSE 80 -# Start supervisor which will manage both Nginx and Node.js -CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf"] +# Command to start Nginx in the foreground +# This ensures the container keeps running +CMD ["nginx", "-g", "daemon off;"] diff --git a/docker-compose.yml b/docker-compose.yml index d31438d..811572e 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -13,39 +13,10 @@ services: - weight-tracker-data:/data networks: - weight-tracker-network - environment: - # Data file location - make sure this is correct - - DATA_DIR=/data - # Authentication Configuration - - PASSWORD_HASH=${PASSWORD_HASH:-$2a$10$EgxHKjDDFcZKtQY9hl/N4.QvEQHCXVnQXw9dzFYlUDVKOcLMGp9eq} - - AUTH_USERNAME=${AUTH_USERNAME:-user} - - AUTH_PASSWORD=${AUTH_PASSWORD:-password} - - SESSION_SECRET=${SESSION_SECRET:-change-this-to-a-random-string} - - COOKIE_SECURE=${COOKIE_SECURE:-false} - - # S3 Backup Configuration - - S3_ENDPOINT=${S3_ENDPOINT:-https://your-minio-server.example.com} - - S3_REGION=${S3_REGION:-us-east-1} - - S3_BUCKET=${S3_BUCKET:-weight-tracker-backups} - - S3_ACCESS_KEY=${S3_ACCESS_KEY:-your-access-key} - - S3_SECRET_KEY=${S3_SECRET_KEY:-your-secret-key} - - S3_USE_SSL=${S3_USE_SSL:-true} - - BACKUP_SCHEDULE=${BACKUP_SCHEDULE:-0 0 * * *} - - BACKUP_RETENTION=${BACKUP_RETENTION:-7} + # No specific environment variables needed for the static Nginx server + # environment: {} labels: - "coolify.volume.weight-tracker-data=/data" - # Coolify environment variable labels for authentication - - "coolify.env.PASSWORD_HASH=Bcrypt hash of your password" - - "coolify.env.SESSION_SECRET=Secret for session encryption (random string)" - - "coolify.env.COOKIE_SECURE=Set to true if using HTTPS (default: false)" - # Coolify environment variable labels for S3 backup - - "coolify.env.S3_ENDPOINT=S3 endpoint URL (e.g., https://minio.example.com)" - - "coolify.env.S3_REGION=S3 region (e.g., us-east-1)" - - "coolify.env.S3_BUCKET=S3 bucket name for backups" - - "coolify.env.S3_ACCESS_KEY=S3 access key" - - "coolify.env.S3_SECRET_KEY=S3 secret key" - - "coolify.env.BACKUP_SCHEDULE=Cron schedule for backups (default: 0 0 * * *)" - - "coolify.env.BACKUP_RETENTION=Number of backups to retain (default: 7)" networks: weight-tracker-network: diff --git a/nginx.conf b/nginx.conf index 83f0c75..d9bbb3c 100644 --- a/nginx.conf +++ b/nginx.conf @@ -8,63 +8,15 @@ server { gzip on; gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; - # DATA API ENDPOINTS - NO AUTHENTICATION - location ^~ /data/ { - auth_basic off; - proxy_pass http://localhost:3000/data/; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection 'upgrade'; - proxy_set_header Host $host; - proxy_cache_bypass $http_upgrade; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - - # CORS headers - add_header 'Access-Control-Allow-Origin' '*' always; - add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always; - add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization' always; - - # Preflight requests - if ($request_method = 'OPTIONS') { - add_header 'Access-Control-Allow-Origin' '*'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS'; - add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization'; - add_header 'Access-Control-Max-Age' 1728000; - add_header 'Content-Type' 'text/plain charset=UTF-8'; - add_header 'Content-Length' 0; - return 204; - } - } - - # AUTHENTICATED APPLICATION ROUTES + # Main application location location / { - include /etc/nginx/auth.conf; try_files $uri $uri/ /index.html; - - # CORS headers - add_header 'Access-Control-Allow-Origin' '*' always; - add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always; - add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization' always; - - # Preflight requests - if ($request_method = 'OPTIONS') { - add_header 'Access-Control-Allow-Origin' '*'; - add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS'; - add_header 'Access-Control-Allow-Headers' 'Origin, X-Requested-With, Content-Type, Accept, Authorization'; - add_header 'Access-Control-Max-Age' 1728000; - add_header 'Content-Type' 'text/plain charset=UTF-8'; - add_header 'Content-Length' 0; - return 204; - } } # Enable browser caching for static assets location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - include /etc/nginx/auth.conf; expires 30d; add_header Cache-Control "public, no-transform"; - add_header 'Access-Control-Allow-Origin' '*' always; } # Error pages