Updated Docker Build & Vulnerability Patching #240

NOXCIS · 2023-12-31T00:32:14Z

@jrmi

jrmi · 2023-12-31T10:50:30Z

@jrmi

Perfect, will review it ASAP.

jrmi

Great job Noxcis. I like the multistage docker image.

I left a few comments, let me know what you think.

Dockerfile

jrmi · 2024-01-02T08:23:22Z

client/public/manifest.json

  "scope": "/",
  "description": "Secure and encrypted web chat with Darkwire.io"
-}
+}


I think this change is unnecessary ;-)

Still haven't gotten around to configure my IDE, spends time time fighting docker engine.

jrmi · 2024-01-02T08:35:09Z

start.sh

+    openssl genpkey -algorithm RSA -out "$key_file"
+
+    # Generate certificate signing request (CSR)
+    openssl req -new -key "$key_file" -out "$csr_file" -subj "/C=US/ST=FL/L=Miami/O=NoxCorp/OU=GhostWorks/CN=Noxcis"


May be the "subject" should be more... generic? May be something that can be configured with the env if needed with the previous value as default, what do you think?

I agree any ideas on how to implement?

You could use define a new env var like: CSR_SUBJECT and use it in this script? What do you think?

jrmi · 2024-01-02T09:19:22Z

client/.env.dist

@@ -1,14 +0,0 @@
-# Api settings


Why do you remove this file (and the one from the server) ? I think it still a good idea to have a template when in development or may be if someone wants a custom install without docker for instance, what do you think?

hmm, great point!

jrmi · 2024-01-02T09:24:42Z

start.sh

+set_env &&
+# Start your application
+generate_self_signed_ssl &&
+nginx &&


I wouldn't install Nginx in the Darkwire image. I think it's a good idea to keep things separated. Imagine someone that already have a docker compose stack with an existing Nginx, or someone who prefers Traefik. Adding Nginx doesn't break things, but it adds an extra overhead in most situation. As consequence, I would just keep the yarn start here. However, I think it makes sense to update the docker compose file to use nginx as reverse proxy.

What do you think?

I agree will reserve for my hard-fork meant to run with my project over here Wiregate.

client/src/stylesheets/app.sass

readded env template

NOXCIS added 3 commits December 30, 2023 16:28

push ready

043c6a8

+

f1b89ed

Update start.sh

5c1ebae

NOXCIS added 2 commits December 31, 2023 18:34

Merge branch 'master' into master

fc77afe

Update Dockerfile

6cb3913

jrmi requested changes Jan 2, 2024

View reviewed changes

NOXCIS added 12 commits January 2, 2024 07:10

+

d9fa642

readded env template

updates

ec08d15

updates

04c42ec

up

8f1fb99

fix health check

1efe556

Create docker-image.yml

14842fe

Update docker-image.yml

47d9d86

Update docker-image.yml

28206fb

Update docker-image.yml

903dbd3

Update Dockerfile

34c6f3b

Update docker-image.yml

b63b41c

=

cf5ada6

Updated Docker Build & Vulnerability Patching #240

Are you sure you want to change the base?

Updated Docker Build & Vulnerability Patching #240

Uh oh!

Conversation

NOXCIS commented Dec 31, 2023

Uh oh!

jrmi commented Dec 31, 2023

Uh oh!

jrmi left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants