Fix Docker build issues by updating Node version and addressing npm installation errors

2025-03-01 18:36:47 -05:00 · 2025-03-01 18:36:47 -05:00 · 758b242f11
parent 68afb6fc6c
commit 758b242f11
3 changed files with 123 additions and 42 deletions
--- a/38
+++ b/38
@ -0,0 +1,38 @@
+FROM node:18-alpine as builder
+
+WORKDIR /app
+
+# Copy package files first for better caching
+COPY package*.json ./
+
+# Clean npm cache and install dependencies with specific flags to avoid errors
+RUN npm cache clean --force && \
+    npm install --production --no-optional && \
+    npm install mocha
+
+# Copy the rest of the application
+COPY . .
+
+# Make sure app.sh is executable
+RUN chmod +x app.sh
+
+# Build assets
+RUN node update-js.js
+
+FROM node:18-alpine
+
+WORKDIR /app
+
+# Copy from builder stage
+COPY --from=builder /app .
+
+# Set environment variables
+ENV NODE_ENV=production \
+    HASTEBIN_ENABLE_CSP=true \
+    HASTEBIN_ENABLE_HSTS=true
+
+# Expose port
+EXPOSE 7777
+
+# Use app.sh script as entry point
+CMD ["/app/app.sh"] 
--- a/app.sh
+++ b/app.sh
@ -25,47 +25,87 @@ esac

 # Generate config.js from environment variables
 cat > config.js <<EOF
+const config = {
+  // Server settings
+  host: "${HOST:-0.0.0.0}",
+  port: ${PORT:-7777},
+  keyLength: ${KEY_LENGTH:-10},
+  maxLength: ${MAX_LENGTH:-400000},
+  staticMaxAge: ${STATIC_MAX_AGE:-86400},
+  recompressStaticAssets: ${RECOMPRESS_STATIC_ASSETS:-true},
+
+  // Security settings
+  security: {
+    // Enable Content Security Policy
+    csp: ${HASTEBIN_ENABLE_CSP:-true},
+    
+    // Enable HTTP Strict Transport Security (only enable in production with HTTPS)
+    hsts: ${HASTEBIN_ENABLE_HSTS:-false},
+    
+    // Additional script sources (empty by default since we now host jQuery locally)
+    scriptSources: "${HASTEBIN_SCRIPT_SOURCES:-}".split(',').filter(Boolean),
+      
+    // Allow bypassing strict CSP in development mode for testing (default: false)
+    bypassCSPInDev: ${HASTEBIN_BYPASS_CSP_IN_DEV:-false},
+      
+    // Allow unsafe-hashes in production for event handlers (default: true)
+    allowUnsafeHashes: ${HASTEBIN_ALLOW_UNSAFE_HASHES:-true},
+      
+    // Enable Cross-Origin isolation headers (default: false)
+    enableCrossOriginIsolation: ${HASTEBIN_ENABLE_CROSS_ORIGIN_ISOLATION:-false}
+  },
+
+  // Logging configuration
+  logging: [
    {
-    "host": "${HOST:-0.0.0.0}",
-    "port": ${PORT:-7777},
-    "keyLength": ${KEY_LENGTH:-10},
-    "maxLength": ${MAX_LENGTH:-400000},
-    "staticMaxAge": ${STATIC_MAX_AGE:-7776000},
-    "recompressStaticAssets": ${RECOMPRESS_STATIC_ASSETS:-true},
-    "logging": [
-      {
-        "level": "${LOGGING_LEVEL:-verbose}",
-        "type": "${LOGGING_TYPE:-Console}",
-        "colorize": ${LOGGING_COLORIZE:-false}
+      level: "${LOGGING_LEVEL:-verbose}",
+      type: "${LOGGING_TYPE:-Console}",
+      colorize: ${LOGGING_COLORIZE:-false},
+      json: ${LOGGING_JSON:-false}
    }
  ],
-    "keyGenerator": {
-      "type": "${KEY_GENERATOR_TYPE:-phonetic}"
-    },
-    "storage": {
-      "type": "${STORAGE_TYPE:-redis}",
-      "path": "${STORAGE_PATH:-./data}",
-      "host": "${STORAGE_HOST:-haste_redis}",
-      "port": ${STORAGE_PORT:-6379},
-      "db": ${STORAGE_DB:-2},
-      "expire": ${STORAGE_EXPIRE:-2592000}
-

+  // Key generator configuration
+  keyGenerator: {
+    type: "${KEY_GENERATOR_TYPE:-phonetic}"
  },

-  "storage": {
-    "type": "${STORAGE_TYPE:-redis}",
-    "path": "${STORAGE_PATH:-./data}",
-    "host": "${STORAGE_HOST:-haste_redis}",
-    "port": ${STORAGE_PORT:-6379},
-    "db": ${STORAGE_DB:-2},
-    "expire": ${STORAGE_EXPIRE:-2592000}
-  },
-
-    "documents": {
-      "about": "./about.md"
+  // Rate limiting configuration
+  rateLimits: {
+    categories: {
+      normal: {
+        totalRequests: ${RATE_LIMIT_TOTAL_REQUESTS:-500},
+        every: ${RATE_LIMIT_WINDOW:-60000}
      }
    }
+  },
+
+  // Storage configuration
+  storage: {
+    type: "${STORAGE_TYPE:-redis}",
+    path: "${STORAGE_PATH:-./data}",
+    host: "${STORAGE_HOST:-redis}",
+    port: ${STORAGE_PORT:-6379},
+    password: "${STORAGE_PASSWORD:-}",
+    db: ${STORAGE_DB:-0},
+    expire: ${STORAGE_EXPIRE:-7776000}
+  },
+
+  // Static documents
+  documents: {
+    about: "${ABOUT_DOCUMENT:-./about.md}"
+  },
+  
+  // CORS settings
+  allowedOrigins: "${HASTEBIN_ALLOWED_ORIGINS:-*}".split(',')
+};
+
+// Support for backwards compatibility
+if (process.env.REDIS_URL || process.env.REDISTOGO_URL) {
+  config.storage.url = process.env.REDIS_URL || process.env.REDISTOGO_URL;
+}
+
+module.exports = config;
 EOF

 # If TEST_MODE is true, install Mocha and run tests
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -1,6 +1,6 @@
 services:
  redis:
-    image: git.nixc.us/colin/haste:production-redis
+    image: redis:alpine
    volumes:
      - redis_data:/data
    networks:
@ -14,9 +14,11 @@ services:
        condition: on-failure

  haste:
-    image: git.nixc.us/colin/haste:production-haste
+    build:
+      context: .
+      dockerfile: Dockerfile
    volumes:
-      - public_system:/haste/public/system
+      - public_system:/app/public/system
    environment:
      - NODE_ENV=production
      - HASTEBIN_ENABLE_CSP=true
@ -24,6 +26,7 @@ services:
      - HASTEBIN_ALLOW_UNSAFE_HASHES=true
      - HASTEBIN_SCRIPT_SOURCES=
      - HASTEBIN_BYPASS_CSP_IN_DEV=false
+      - HASTEBIN_ENABLE_CROSS_ORIGIN_ISOLATION=true
    networks:
      - traefik
      - default