first implementation

2026-05-18 02:09:39 +02:00 · 2025-11-27 17:26:18 +01:00 · 2025-11-27 17:26:18 +01:00 · 74dc6892ab
commit 74dc6892ab
parent 98efa6f6e8
61 changed files with 30899 additions and 4934 deletions
--- a/docker/nginx/astro.conf
+++ b/docker/nginx/astro.conf
@ -0,0 +1,36 @@
+server {
+    listen 80;
+    server_name _;
+
+    root /usr/share/nginx/html;
+    index index.html;
+
+    # Gzip compression
+    gzip on;
+    gzip_vary on;
+    gzip_min_length 1024;
+    gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml+rss application/json application/javascript;
+
+    # Security headers
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header X-XSS-Protection "1; mode=block" always;
+
+    # Cache static assets
+    location ~* \.(jpg|jpeg|png|gif|ico|css|js|svg|woff|woff2|ttf|eot)$ {
+        expires 1y;
+        add_header Cache-Control "public, immutable";
+    }
+
+    # Main location
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+
+    # Health check endpoint
+    location /health {
+        access_log off;
+        return 200 "healthy\n";
+        add_header Content-Type text/plain;
+    }
+}
--- a/docker/templates/Dockerfile.astro
+++ b/docker/templates/Dockerfile.astro
@ -0,0 +1,61 @@
+# Multi-stage Dockerfile for Astro landing pages
+# This is a template - copy and customize for each landing page
+
+# ============================================
+# Build Stage
+# ============================================
+FROM node:20-alpine AS builder
+
+# Install pnpm
+RUN corepack enable && corepack prepare pnpm@9.15.0 --activate
+
+WORKDIR /app
+
+# Copy workspace files
+COPY pnpm-workspace.yaml ./
+COPY package.json ./
+COPY pnpm-lock.yaml ./
+
+# Copy all shared packages
+COPY packages/ ./packages/
+
+# Copy the specific landing page
+ARG SERVICE_PATH
+COPY ${SERVICE_PATH} ./${SERVICE_PATH}
+
+# Install all dependencies
+RUN pnpm install --frozen-lockfile
+
+# Build shared packages first
+RUN pnpm run build:packages
+
+# Build the landing page
+WORKDIR /app/${SERVICE_PATH}
+RUN pnpm build
+
+# ============================================
+# Production Stage - Nginx
+# ============================================
+FROM nginx:alpine AS production
+
+# Copy nginx configuration
+COPY docker/nginx/astro.conf /etc/nginx/conf.d/default.conf
+
+# Copy built static files
+ARG SERVICE_PATH
+COPY --from=builder /app/${SERVICE_PATH}/dist /usr/share/nginx/html
+
+# Add healthcheck script
+RUN echo '#!/bin/sh' > /usr/local/bin/healthcheck.sh && \
+    echo 'curl -f http://localhost/ || exit 1' >> /usr/local/bin/healthcheck.sh && \
+    chmod +x /usr/local/bin/healthcheck.sh
+
+# Expose port
+EXPOSE 80
+
+# Health check
+HEALTHCHECK --interval=30s --timeout=10s --start-period=10s --retries=3 \
+  CMD /usr/local/bin/healthcheck.sh
+
+# Start nginx
+CMD ["nginx", "-g", "daemon off;"]
--- a/docker/templates/Dockerfile.nestjs
+++ b/docker/templates/Dockerfile.nestjs
@ -0,0 +1,88 @@
+# Multi-stage Dockerfile for NestJS backend services
+# This is a template - copy and customize for each backend service
+
+# ============================================
+# Build Stage
+# ============================================
+FROM node:20-alpine AS builder
+
+# Install pnpm
+RUN corepack enable && corepack prepare pnpm@9.15.0 --activate
+
+WORKDIR /app
+
+# Copy workspace files
+COPY pnpm-workspace.yaml ./
+COPY package.json ./
+COPY pnpm-lock.yaml ./
+
+# Copy all shared packages (adjust based on dependencies)
+COPY packages/ ./packages/
+
+# Copy the specific backend service
+# CUSTOMIZE THIS: Replace with your service path
+# Example: COPY apps/chat/apps/backend ./apps/chat/apps/backend
+ARG SERVICE_PATH
+COPY ${SERVICE_PATH} ./${SERVICE_PATH}
+
+# Install all dependencies (including devDependencies for build)
+RUN pnpm install --frozen-lockfile
+
+# Build shared packages first
+RUN pnpm run build:packages
+
+# Build the backend service
+WORKDIR /app/${SERVICE_PATH}
+RUN pnpm build
+
+# ============================================
+# Production Stage
+# ============================================
+FROM node:20-alpine AS production
+
+# Install pnpm and system dependencies
+RUN corepack enable && corepack prepare pnpm@9.15.0 --activate \
+    && apk add --no-cache \
+       postgresql-client \
+       curl \
+       wget
+
+WORKDIR /app
+
+# Copy workspace files
+COPY --from=builder /app/pnpm-workspace.yaml ./
+COPY --from=builder /app/package.json ./
+COPY --from=builder /app/pnpm-lock.yaml ./
+
+# Copy built packages and service
+COPY --from=builder /app/packages ./packages
+ARG SERVICE_PATH
+COPY --from=builder /app/${SERVICE_PATH} ./${SERVICE_PATH}
+
+# Install production dependencies only
+RUN pnpm install --prod --frozen-lockfile
+
+# Create non-root user
+RUN addgroup -g 1001 -S nodejs && \
+    adduser -S nestjs -u 1001
+
+# Change ownership
+RUN chown -R nestjs:nodejs /app
+
+# Switch to non-root user
+USER nestjs
+
+# Set working directory to service
+WORKDIR /app/${SERVICE_PATH}
+
+# Expose port (customize per service)
+ARG PORT=3000
+EXPOSE ${PORT}
+
+# Health check (customize endpoint per service)
+ARG HEALTH_PATH=/health
+HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \
+  CMD wget --no-verbose --tries=1 --spider http://localhost:${PORT}${HEALTH_PATH} || exit 1
+
+# Start the application
+CMD ["node", "dist/main.js"]
--- a/docker/templates/Dockerfile.sveltekit
+++ b/docker/templates/Dockerfile.sveltekit
@ -0,0 +1,89 @@
+# Multi-stage Dockerfile for SvelteKit web applications
+# This is a template - copy and customize for each web app
+
+# ============================================
+# Build Stage
+# ============================================
+FROM node:20-alpine AS builder
+
+# Install pnpm
+RUN corepack enable && corepack prepare pnpm@9.15.0 --activate
+
+WORKDIR /app
+
+# Copy workspace files
+COPY pnpm-workspace.yaml ./
+COPY package.json ./
+COPY pnpm-lock.yaml ./
+
+# Copy all shared packages
+COPY packages/ ./packages/
+
+# Copy the specific web app
+ARG SERVICE_PATH
+COPY ${SERVICE_PATH} ./${SERVICE_PATH}
+
+# Install all dependencies
+RUN pnpm install --frozen-lockfile
+
+# Build shared packages first
+RUN pnpm run build:packages
+
+# Build the web app
+WORKDIR /app/${SERVICE_PATH}
+RUN pnpm build
+
+# ============================================
+# Production Stage
+# ============================================
+FROM node:20-alpine AS production
+
+# Install pnpm
+RUN corepack enable && corepack prepare pnpm@9.15.0 --activate \
+    && apk add --no-cache curl
+
+WORKDIR /app
+
+# Copy workspace files
+COPY --from=builder /app/pnpm-workspace.yaml ./
+COPY --from=builder /app/package.json ./
+COPY --from=builder /app/pnpm-lock.yaml ./
+
+# Copy built packages
+COPY --from=builder /app/packages ./packages
+
+# Copy the built web app
+ARG SERVICE_PATH
+COPY --from=builder /app/${SERVICE_PATH}/build ./${SERVICE_PATH}/build
+COPY --from=builder /app/${SERVICE_PATH}/package.json ./${SERVICE_PATH}/package.json
+
+# Install production dependencies
+RUN pnpm install --prod --frozen-lockfile
+
+# Create non-root user
+RUN addgroup -g 1001 -S nodejs && \
+    adduser -S sveltekit -u 1001
+
+# Change ownership
+RUN chown -R sveltekit:nodejs /app
+
+# Switch to non-root user
+USER sveltekit
+
+# Set working directory to service
+WORKDIR /app/${SERVICE_PATH}
+
+# Expose port
+ARG PORT=3000
+EXPOSE ${PORT}
+
+# Environment variables
+ENV NODE_ENV=production
+ENV PORT=${PORT}
+
+# Health check
+HEALTHCHECK --interval=30s --timeout=10s --start-period=20s --retries=3 \
+  CMD curl -f http://localhost:${PORT}/ || exit 1
+
+# Start the application
+CMD ["node", "build"]