site hardening

This commit is contained in:
Corey Blais
2026-03-27 10:04:54 -04:00
parent 900bf4eb06
commit 4bc809ff8b
6 changed files with 84 additions and 19 deletions
+7 -17
View File
@@ -39,12 +39,6 @@ services:
depends_on:
postgres:
condition: service_healthy
command: >
sh -c "npm install --legacy-peer-deps &&
npm run dev"
volumes:
- ./backend:/app
- ./backend/node_modules:/app/node_modules
labels:
- traefik.enable=true
- traefik.docker.network=${TRAEFIK_NETWORK:-traefik}
@@ -59,27 +53,23 @@ services:
frontend:
build:
context: ./frontend
dockerfile: Dockerfile.dev
dockerfile: Dockerfile
args:
VITE_API_BASE_URL: ${VITE_API_BASE_URL:-https://api.arsenal.example.com/api}
VITE_ALLOW_REGISTRATION: ${ALLOW_REGISTRATION:-true}
VITE_ALLOW_DEMO_ACCOUNT: ${ALLOW_DEMO_ACCOUNT:-false}
container_name: arsenaliq-frontend
environment:
VITE_API_BASE_URL: ${VITE_API_BASE_URL:-https://api.arsenal.example.com/api}
VITE_ALLOW_REGISTRATION: ${ALLOW_REGISTRATION:-true}
VITE_ALLOW_DEMO_ACCOUNT: ${ALLOW_DEMO_ACCOUNT:-false}
CSP_CONNECT_SRC: ${FRONTEND_CSP_CONNECT_SRC:-https://api.arsenal.example.com}
depends_on:
- backend
command: >
sh -c "npm install --legacy-peer-deps &&
npm run dev -- --host"
volumes:
- ./frontend:/app
- ./frontend/node_modules:/app/node_modules
labels:
- traefik.enable=true
- traefik.docker.network=${TRAEFIK_NETWORK:-traefik}
- traefik.http.routers.arsenaliq-web.rule=Host(`${TRAEFIK_WEB_HOST:-arsenal.local}`)
- traefik.http.routers.arsenaliq-web.entrypoints=${TRAEFIK_ENTRYPOINT:-websecure}
- traefik.http.routers.arsenaliq-web.tls=true
- traefik.http.services.arsenaliq-web.loadbalancer.server.port=3000
- traefik.http.services.arsenaliq-web.loadbalancer.server.port=80
networks:
- arsenal_iq
- traefik