mocode-software/meldestelle
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

build: optimize Docker setup for Caddy SPA and improve runtime stability

Browse Source 
Updated Dockerfile to streamline the hybrid build process and optimize artifact integration. Modified Caddyfile for better routing logic, enhanced security headers, Prometheus metrics, and improved API proxy handling. Adjusted `dc-gui.yaml` for container stability and simplified runtime configuration for `apiBaseUrl`. Expanded documentation with troubleshooting and session logs.
This commit is contained in:
Stefan Mogeritsch
2026-02-04 16:31:26 +01:00
parent e8dd8cf48f
commit 1aaaf8a203
5 changed files with 87 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files
config/docker/caddy/web-app/Caddyfile
+68 -40
View File
@@ -1,41 +1,69 @@
:4000 {
# Root directory for static files
root * /usr/share/caddy
# Enable Gzip/Zstd compression
encode gzip zstd
# Serve static files
file_server
# Templates for runtime configuration (config.json)
templates {
mime application/json
}
# SPA Routing: Fallback to index.html for non-existent files
try_files {path} /index.html
# Cache Control for static assets (immutable)
@static {
file
path *.js *.css *.png *.jpg *.svg *.wasm
}
header @static Cache-Control "public, max-age=31536000, immutable"
# Security Headers (Future Proofing for Wasm)
header {
# Cross-Origin Isolation for SharedArrayBuffer (required for some Wasm features)
Cross-Origin-Opener-Policy "same-origin"
Cross-Origin-Embedder-Policy "require-corp"
# Standard Security Headers
X-Content-Type-Options "nosniff"
X-Frame-Options "DENY"
}
# Health Check
handle /health {
respond "healthy" 200
}
{
# Global Options
# Enable Prometheus metrics
servers {
metrics
}
}
:4000 {
# Root directory for static files
root * /usr/share/caddy
# Access Logs (JSON format for Docker)
log {
output stdout
format json
}
# Enable Gzip/Zstd compression
encode gzip zstd
# Templates for runtime configuration (config.json)
templates {
mime application/json
}
# Cache Control for static assets (immutable)
@static {
file
path *.js *.css *.png *.jpg *.svg *.wasm
}
header @static Cache-Control "public, max-age=31536000, immutable"
# Security Headers (Future Proofing for Wasm)
header {
# Cross-Origin Isolation for SharedArrayBuffer (required for some Wasm features)
Cross-Origin-Opener-Policy "same-origin"
Cross-Origin-Embedder-Policy "require-corp"
# Standard Security Headers
X-Content-Type-Options "nosniff"
X-Frame-Options "DENY"
Referrer-Policy "strict-origin-when-cross-origin"
Permissions-Policy "camera=(), microphone=(), geolocation=()"
}
# --- ROUTING LOGIC ---
# 1. API Proxy (Priority 1)
handle /api/* {
reverse_proxy api-gateway:8081 {
header_up Host {upstream_hostport}
}
}
# 2. Health Check
handle /health {
respond "healthy" 200
}
# 3. Static Files & SPA Fallback (Priority 2)
handle {
# Serve static files if they exist
file_server
# SPA Routing: Fallback to index.html for non-existent files
try_files {path} /index.html
}
}
config/docker/caddy/web-app/Dockerfile
+3 -2
View File
@@ -1,7 +1,7 @@
# syntax=docker/dockerfile:1.8
# ===================================================================
# Dockerfile for Meldestelle Web-App (Pre-built Artifacts)
# Version: 3.1.0 - Local Build Injection
# Dockerfile for Meldestelle Web-App (Hybrid Build)
# Version: 3.2.0 - Optimized & Cleaned
# ===================================================================
# === GLOBAL ARGS ===
@@ -31,6 +31,7 @@ COPY config/docker/caddy/web-app/config.json /usr/share/caddy/config.json
COPY frontend/shells/meldestelle-portal/build/dist/js/productionExecutable/ /usr/share/caddy/
# Ensure favicon exists (fallback)
# Using the shared asset from existing config structure
COPY config/docker/nginx/web-app/favicon.svg /usr/share/caddy/favicon.svg
EXPOSE 4000
config/docker/caddy/web-app/config.json
+1 -1
View File
@@ -1,3 +1,3 @@
{
"apiBaseUrl": "{{env "API_BASE_URL" | default "http://localhost:8081"}}"
"apiBaseUrl": "{{env "API_BASE_URL" | default ""}}"
}