diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..8ba25f4 --- /dev/null +++ b/.dockerignore @@ -0,0 +1,3 @@ +.cache/ +node_modules/ +public/ diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index c0d37bf..cefb716 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -60,3 +60,14 @@ jobs: - name: Build Gatsby site run: npm run build + + - name: List build directory + run: ls -l public + + - uses: lsst-sqre/build-and-push-to-ghcr@v1 + id: build + with: + image: ${{ github.repository }} + github_token: ${{ secrets.GITHUB_TOKEN }} + + - run: echo Pushed ghcr.io/${{ github.repository }}:${{ steps.build.outputs.tag }} diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..856ba4f --- /dev/null +++ b/Dockerfile @@ -0,0 +1,20 @@ +FROM nginx:alpine as server +# # Set working directory to nginx asset directory +# WORKDIR /usr/share/nginx/html +# # Remove default nginx static assets +# RUN rm -rf ./* +# # Copy static assets from builder stage +# COPY --from=builder /app/public . +# # Containers run nginx with global directives and daemon off +# ENTRYPOINT ["nginx", "-g", "daemon off;"] + +COPY nginx-boot.bash /sbin/nginx-boot +RUN chmod +x /sbin/nginx-boot + +RUN apk --update add nginx bash && \ + rm -fR /var/cache/apk/* + +COPY public/ /pub + +CMD [ "/sbin/nginx-boot" ] +EXPOSE 80 diff --git a/nginx-boot.bash b/nginx-boot.bash new file mode 100644 index 0000000..9e568bd --- /dev/null +++ b/nginx-boot.bash @@ -0,0 +1,118 @@ +#!/bin/bash + +# Check for variables +export CHARSET=${CHARSET:-utf-8} + +export WORKER_CONNECTIONS=${WORKER_CONNECTIONS:-1024} +export HTTP_PORT=${HTTP_PORT:-80} +export NGINX_CONF=/etc/nginx/mushed.conf + +export PUBLIC_PATH=${PUBLIC_PATH:-/pub} + +export GZIP_TYPES=${GZIP_TYPES:-application/javascript application/x-javascript application/rss+xml text/javascript text/css image/svg+xml} +export GZIP_LEVEL=${GZIP_LEVEL:-6} + +export CACHE_IGNORE=${CACHE_IGNORE:-html} +export CACHE_PUBLIC=${CACHE_PUBLIC:-ico|jpg|jpeg|png|gif|svg|js|jsx|css|less|swf|eot|ttf|otf|woff|woff2} +export CACHE_PUBLIC_EXPIRATION=${CACHE_PUBLIC_EXPIRATION:-1y} + +if [ "$TRAILING_SLASH" = false ]; then + REWRITE_RULE="rewrite ^(.+)/+\$ \$1 permanent" + TRY_FILES="try_files \$uri \$uri/index.html =404" +else + REWRITE_RULE="rewrite ^([^.]*[^/])\$ \$1/ permanent" + TRY_FILES="try_files \$uri \$uri/ \$uri/index.html =404" +fi + +if [ "$DISABLE_FILE_CACHE" != true ]; then + read -r -d '' FILE_CACHE <<'EOF' + + ## Cache open FD + open_file_cache max=10000 inactive=3600s; + open_file_cache_valid 7200s; + open_file_cache_min_uses 2; + +EOF +fi + +if [ -f /etc/nginx/server.conf ]; then + CUSTOM_SERVER_CONFIG=$( $NGINX_CONF +daemon off; +worker_processes 1; +user root; + +events { + worker_connections $WORKER_CONNECTIONS; +} + +http { + include mime.types; + default_type application/octet-stream; + + keepalive_timeout 15; + autoindex off; + server_tokens off; + port_in_redirect off; + absolute_redirect off; + sendfile off; + tcp_nopush on; + tcp_nodelay on; + + client_max_body_size 64k; + client_header_buffer_size 16k; + large_client_header_buffers 4 16k; + + $FILE_CACHE + + ## Gzipping is an easy way to reduce page weight + gzip on; + gzip_vary on; + gzip_proxied any; + gzip_types $GZIP_TYPES; + gzip_buffers 16 8k; + gzip_comp_level $GZIP_LEVEL; + + access_log /dev/stdout; + error_log /dev/stderr error; + + server { + listen $HTTP_PORT; + root $PUBLIC_PATH; + + index index.html; + autoindex off; + charset $CHARSET; + + error_page 404 /404.html; + + location ~* \.($CACHE_IGNORE)$ { + add_header Cache-Control "no-store"; + expires off; + } + location ~* \.($CACHE_PUBLIC)$ { + add_header Cache-Control "public"; + expires +$CACHE_PUBLIC_EXPIRATION; + } + + $REWRITE_RULE; + + $TRY_FILES; + + $CUSTOM_SERVER_CONFIG + } +} + +EOF + +[ "" != "$DEBUG" ] && cat $NGINX_CONF; + +mkdir -p /run/nginx/ +chown -R root:root /var/lib/nginx + +exec nginx -c $NGINX_CONF