Severian commited on
Commit
af3c1db
·
verified ·
1 Parent(s): 4a617be

Upload Dockerfile

Browse files
Files changed (1) hide show
  1. Dockerfile +194 -0
Dockerfile ADDED
@@ -0,0 +1,194 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ # Multi-stage Dockerfile for Living Nexus - Optimized for Hugging Face Spaces
2
+ # Stage 1: Build Environment
3
+ FROM node:18-alpine AS builder
4
+
5
+ # Set working directory
6
+ WORKDIR /app
7
+
8
+ # Install build dependencies
9
+ RUN apk add --no-cache \
10
+ python3 \
11
+ make \
12
+ g++ \
13
+ git
14
+
15
+ # Copy package files for dependency installation
16
+ COPY package*.json ./
17
+ COPY tsconfig*.json ./
18
+ COPY vite.config.ts ./
19
+
20
+ # Install dependencies with npm ci for faster, reliable builds
21
+ RUN npm ci --only=production=false
22
+
23
+ # Copy source code
24
+ COPY src/ ./src/
25
+ COPY public/ ./public/
26
+ COPY index.html ./
27
+ COPY *.md ./
28
+
29
+ # Copy configuration files
30
+ COPY config*.json ./
31
+ COPY memory-bank/ ./memory-bank/
32
+
33
+ # Build the application with optimizations
34
+ ENV NODE_ENV=production
35
+ RUN npm run build
36
+
37
+ # Verify build output
38
+ RUN ls -la dist/ && \
39
+ du -sh dist/* && \
40
+ echo "Build completed successfully"
41
+
42
+ # Stage 2: Production Environment
43
+ FROM nginx:alpine AS production
44
+
45
+ # Install necessary packages for audio file handling and performance
46
+ RUN apk add --no-cache \
47
+ gzip \
48
+ brotli
49
+
50
+ # Copy custom nginx configuration
51
+ COPY <<EOF /etc/nginx/nginx.conf
52
+ user nginx;
53
+ worker_processes auto;
54
+ error_log /var/log/nginx/error.log warn;
55
+ pid /var/run/nginx.pid;
56
+
57
+ events {
58
+ worker_connections 1024;
59
+ use epoll;
60
+ multi_accept on;
61
+ }
62
+
63
+ http {
64
+ include /etc/nginx/mime.types;
65
+ default_type application/octet-stream;
66
+
67
+ # Logging
68
+ log_format main '\$remote_addr - \$remote_user [\$time_local] "\$request" '
69
+ '\$status \$body_bytes_sent "\$http_referer" '
70
+ '"\$http_user_agent" "\$http_x_forwarded_for"';
71
+ access_log /var/log/nginx/access.log main;
72
+
73
+ # Performance optimizations
74
+ sendfile on;
75
+ tcp_nopush on;
76
+ tcp_nodelay on;
77
+ keepalive_timeout 65;
78
+ types_hash_max_size 2048;
79
+ client_max_body_size 100M;
80
+
81
+ # Gzip compression
82
+ gzip on;
83
+ gzip_vary on;
84
+ gzip_min_length 1024;
85
+ gzip_proxied any;
86
+ gzip_comp_level 6;
87
+ gzip_types
88
+ text/plain
89
+ text/css
90
+ text/xml
91
+ text/javascript
92
+ application/json
93
+ application/javascript
94
+ application/xml+rss
95
+ application/atom+xml
96
+ image/svg+xml
97
+ audio/mpeg
98
+ audio/wav;
99
+
100
+ # Security headers
101
+ add_header X-Frame-Options "SAMEORIGIN" always;
102
+ add_header X-Content-Type-Options "nosniff" always;
103
+ add_header X-XSS-Protection "1; mode=block" always;
104
+ add_header Referrer-Policy "no-referrer-when-downgrade" always;
105
+ add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'" always;
106
+
107
+ server {
108
+ listen 7860;
109
+ listen [::]:7860;
110
+ server_name _;
111
+ root /usr/share/nginx/html;
112
+ index index.html;
113
+
114
+ # Efficient audio file serving
115
+ location ~* \.(mp3|wav|ogg|m4a|aac|flac)$ {
116
+ expires 1y;
117
+ add_header Cache-Control "public, immutable";
118
+ add_header Access-Control-Allow-Origin "*";
119
+ add_header Access-Control-Allow-Methods "GET, OPTIONS";
120
+ add_header Accept-Ranges bytes;
121
+
122
+ # Enable range requests for audio streaming
123
+ location ~* \.mp3$ {
124
+ add_header Content-Type "audio/mpeg";
125
+ }
126
+ location ~* \.wav$ {
127
+ add_header Content-Type "audio/wav";
128
+ }
129
+ location ~* \.ogg$ {
130
+ add_header Content-Type "audio/ogg";
131
+ }
132
+ }
133
+
134
+ # Static assets caching
135
+ location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
136
+ expires 1y;
137
+ add_header Cache-Control "public, immutable";
138
+ access_log off;
139
+ }
140
+
141
+ # Handle client-side routing
142
+ location / {
143
+ try_files \$uri \$uri/ /index.html;
144
+
145
+ # Security and performance headers for HTML
146
+ add_header X-Frame-Options "SAMEORIGIN";
147
+ add_header X-Content-Type-Options "nosniff";
148
+ add_header Cache-Control "no-cache, no-store, must-revalidate";
149
+ }
150
+
151
+ # Health check endpoint for Hugging Face Spaces
152
+ location /health {
153
+ access_log off;
154
+ return 200 "healthy\n";
155
+ add_header Content-Type text/plain;
156
+ }
157
+
158
+ # Optimized error pages
159
+ error_page 404 /index.html;
160
+ error_page 500 502 503 504 /index.html;
161
+ }
162
+ }
163
+ EOF
164
+
165
+ # Copy built application from builder stage
166
+ COPY --from=builder /app/dist /usr/share/nginx/html
167
+
168
+ # Create directory for logs
169
+ RUN mkdir -p /var/log/nginx && \
170
+ chown -R nginx:nginx /var/log/nginx && \
171
+ chown -R nginx:nginx /usr/share/nginx/html
172
+
173
+ # Optimize audio files if they exist
174
+ RUN find /usr/share/nginx/html -name "*.mp3" -exec sh -c 'echo "Audio file found: $1" && ls -lh "$1"' _ {} \;
175
+
176
+ # Pre-compress static assets for better performance
177
+ RUN find /usr/share/nginx/html -type f \( -name "*.html" -o -name "*.css" -o -name "*.js" -o -name "*.json" \) \
178
+ -exec gzip -k -9 {} \; && \
179
+ find /usr/share/nginx/html -type f \( -name "*.html" -o -name "*.css" -o -name "*.js" -o -name "*.json" \) \
180
+ -exec brotli -k -9 {} \;
181
+
182
+ # Set proper permissions
183
+ RUN chown -R nginx:nginx /usr/share/nginx/html && \
184
+ chmod -R 755 /usr/share/nginx/html
185
+
186
+ # Expose port 7860 (Hugging Face Spaces default)
187
+ EXPOSE 7860
188
+
189
+ # Health check
190
+ HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
191
+ CMD curl -f http://localhost:7860/health || exit 1
192
+
193
+ # Start nginx
194
+ CMD ["nginx", "-g", "daemon off;"]