bchanot-cv/Dockerfile
Bastien Chanot f1e4392c65 fix(docker): COPY favicon assets into image + cache header
Dockerfile selectively COPYs files into /usr/share/nginx/html. Favicon
assets (favicon.svg, favicon-32.png, favicon.ico, apple-touch-icon.png)
were added to the repo in ef31fb3 but never wired into the Dockerfile,
so a rebuilt container served 404 for /favicon.svg and friends — broken
favicon in prod even after `docker compose up -d --build`.

nginx.conf gets a matching long-cache rule for icon/image assets
(30 days, immutable, access_log off) — they rarely change and the file
name is the cache key anyway.

Deploy: on the VPS, `docker compose up -d --build`.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-17 04:07:32 +02:00

28 lines
858 B
Docker

# Static site for bchanot.fr
# nginx:alpine serves index.html + CV (HTML + PDF).
FROM nginx:1.27-alpine
# Custom nginx config (gzip, cache, security headers).
COPY nginx.conf /etc/nginx/conf.d/default.conf
# Site assets.
WORKDIR /usr/share/nginx/html
RUN rm -rf ./*
COPY index.html ./
COPY CV_Bastien_Chanot.html ./
COPY CV_Bastien_Chanot.pdf ./
COPY favicon.svg favicon-32.png favicon.ico apple-touch-icon.png ./
# Non-root hardening: nginx:alpine already drops privileges to "nginx" user
# for worker processes. Master runs as root only to bind port 80 inside
# the container — fine because the host port is the one exposed.
EXPOSE 80
# Basic healthcheck: nginx must serve index.html.
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
CMD wget -qO- http://127.0.0.1/ >/dev/null || exit 1
CMD ["nginx", "-g", "daemon off;"]