From d7d13d2dba549682382c6963262f07acda55ab01 Mon Sep 17 00:00:00 2001 From: OhSeongRak Date: Wed, 18 Jun 2025 09:28:08 +0900 Subject: [PATCH] refactor: nginx & Dockerfile --- .../container/Dockerfile-smarketing-frontend | 5 +- deployment/container/nginx.conf | 89 +++++++------------ 2 files changed, 34 insertions(+), 60 deletions(-) diff --git a/deployment/container/Dockerfile-smarketing-frontend b/deployment/container/Dockerfile-smarketing-frontend index de230ae..542d749 100644 --- a/deployment/container/Dockerfile-smarketing-frontend +++ b/deployment/container/Dockerfile-smarketing-frontend @@ -41,12 +41,9 @@ ARG EXPORT_PORT=18080 # Copy built files from builder stage COPY --from=builder /app/dist /usr/share/nginx/html -# Copy nginx configuration +# Copy nginx configuration (이미 포트가 18080으로 설정됨) COPY deployment/container/nginx.conf /etc/nginx/conf.d/default.conf -# Create nginx configuration with custom port -RUN sed -i "s/80/${EXPORT_PORT}/g" /etc/nginx/conf.d/default.conf - EXPOSE ${EXPORT_PORT} CMD ["nginx", "-g", "daemon off;"] \ No newline at end of file diff --git a/deployment/container/nginx.conf b/deployment/container/nginx.conf index 1ea0539..685b08c 100644 --- a/deployment/container/nginx.conf +++ b/deployment/container/nginx.conf @@ -1,69 +1,46 @@ -events { - worker_connections 1024; -} +server { + listen 18080; + server_name localhost; + root /usr/share/nginx/html; + index index.html index.htm; -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - # Logging - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - error_log /var/log/nginx/error.log warn; - - # Basic settings - sendfile on; - tcp_nopush on; - tcp_nodelay on; - keepalive_timeout 65; - types_hash_max_size 2048; - # Gzip compression gzip on; gzip_vary on; - gzip_min_length 10240; - gzip_proxied expired no-cache no-store private must-revalidate; + gzip_min_length 1024; + gzip_proxied any; + gzip_comp_level 6; gzip_types text/plain text/css text/xml text/javascript - application/x-javascript - application/xml+rss application/javascript + application/xml+rss application/json; - - server { - listen 18080; - server_name localhost; - - # Security headers - add_header X-Frame-Options "SAMEORIGIN" always; - add_header X-XSS-Protection "1; mode=block" always; - add_header X-Content-Type-Options "nosniff" always; - add_header Referrer-Policy "no-referrer-when-downgrade" always; - add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always; - - location / { - root /usr/share/nginx/html; - index index.html index.htm; - try_files $uri $uri/ /index.html; - - # Cache static assets - location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { - expires 1y; - add_header Cache-Control "public, immutable"; - } - } - - # Health check endpoint - location /health { - access_log off; - return 200 "healthy\n"; - add_header Content-Type text/plain; - } + + # Handle client routing (Vue Router) + location / { + try_files $uri $uri/ /index.html; + } + + # Security headers + add_header X-Frame-Options "SAMEORIGIN" always; + add_header X-XSS-Protection "1; mode=block" always; + add_header X-Content-Type-Options "nosniff" always; + add_header Referrer-Policy "no-referrer-when-downgrade" always; + add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always; + + # Cache static assets + location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg)$ { + expires 1y; + add_header Cache-Control "public, immutable"; + } + + # Health check endpoint + location /health { + access_log off; + return 200 "healthy\n"; + add_header Content-Type text/plain; } } \ No newline at end of file