Add Dockerfile (nginx:1.27-alpine), nginx.conf (gzip, cache, CSP and security headers, no HSTS — left to outer proxy), and docker-compose service `bchanot-web`. Host port is configurable via PORT env var (default 8080) and bound to 127.0.0.1 so the container sits behind a reverse proxy. Container hardened with read_only fs, cap_drop ALL, no-new-privileges, and tmpfs for nginx runtime dirs. Healthcheck via wget on /. Also adds .dockerignore and .env.example, and ignores .env. Usage: cp .env.example .env docker compose up -d --build Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
21 lines
268 B
Plaintext
21 lines
268 B
Plaintext
# Source control / Claude / local-only
|
|
.git
|
|
.gitignore
|
|
.claude
|
|
CLAUDE.md
|
|
README.md
|
|
|
|
# Docker meta (not needed inside the image)
|
|
Dockerfile
|
|
docker-compose.yml
|
|
.dockerignore
|
|
.env
|
|
.env.example
|
|
nginx.conf.bak
|
|
|
|
# Editor / OS noise
|
|
*.swp
|
|
.DS_Store
|
|
node_modules
|
|
graphify-out
|