Add Dockerfile (nginx:1.27-alpine), nginx.conf (gzip, cache, CSP and security headers, no HSTS — left to outer proxy), and docker-compose service `bchanot-web`. Host port is configurable via PORT env var (default 8080) and bound to 127.0.0.1 so the container sits behind a reverse proxy. Container hardened with read_only fs, cap_drop ALL, no-new-privileges, and tmpfs for nginx runtime dirs. Healthcheck via wget on /. Also adds .dockerignore and .env.example, and ignores .env. Usage: cp .env.example .env docker compose up -d --build Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
19 lines
235 B
Plaintext
19 lines
235 B
Plaintext
# OS / editor
|
|
.DS_Store
|
|
Thumbs.db
|
|
*.swp
|
|
*~
|
|
|
|
# Local servers / caches
|
|
.ctx7-cache/
|
|
graphify-out/
|
|
|
|
# Logs
|
|
*.log
|
|
|
|
# Local Claude settings (per-user overrides — keep .claude/ tracked otherwise)
|
|
.claude/settings.local.json
|
|
|
|
# Docker
|
|
.env
|