- validate all file-upload via clamdscan (clamav), throw ValidationException in case of an error
All checks were successful
CI Pipeline / japa-tests (push) Successful in 50s
All checks were successful
CI Pipeline / japa-tests (push) Successful in 50s
- add @types/clamscan and clamscan for node
- package clamav-daemon and clamav-frehshclam for docker
- add API Controller: HomeController.ts for /api/years and /api/sitelinks/{year}
change root path of file storage from '/storage/app/public/files' to '/storage/app/public'
- adapt dockerfile to use node:18-bookworm-slim
This commit is contained in:
parent
5f8fe1c16d
commit
b6b1c90ff8
20 changed files with 941 additions and 278 deletions
52
Dockerfile
52
Dockerfile
|
|
@ -1,21 +1,52 @@
|
|||
################## First Stage - Creating base #########################
|
||||
|
||||
# Created a variable to hold our node base image
|
||||
ARG NODE_IMAGE=node:18.14.2-alpine
|
||||
ARG NODE_IMAGE=node:18-bookworm-slim
|
||||
|
||||
|
||||
# Using the variable to create our base image
|
||||
FROM $NODE_IMAGE AS base
|
||||
# Running a command to install dumb-init to handle processes
|
||||
RUN apk --no-cache add dumb-init
|
||||
# Creating folders and changing ownerships
|
||||
RUN mkdir -p /home/node/app && chown node:node /home/node/app
|
||||
# Install dumb-init and ClamAV, and perform ClamAV database update
|
||||
RUN apt update \
|
||||
&& apt-get install -y dumb-init clamav clamav-daemon nano \
|
||||
&& rm -rf /var/lib/apt/lists/* \
|
||||
# Creating folders and changing ownerships
|
||||
&& mkdir -p /home/node/app && chown node:node /home/node/app \
|
||||
&& mkdir -p /var/lib/clamav \
|
||||
&& mkdir /usr/local/share/clamav \
|
||||
&& chown -R node:clamav /var/lib/clamav /usr/local/share/clamav /etc/clamav
|
||||
# -----------------------------------------------
|
||||
# --- ClamAV & FeshClam -------------------------
|
||||
# -----------------------------------------------
|
||||
# RUN \
|
||||
# chmod 644 /etc/clamav/freshclam.conf && \
|
||||
# freshclam && \
|
||||
# mkdir /var/run/clamav && \
|
||||
# chown -R clamav:root /var/run/clamav
|
||||
|
||||
# # initial update of av databases
|
||||
# RUN freshclam
|
||||
|
||||
# Configure Clam AV...
|
||||
COPY --chown=node:clamav ./*.conf /etc/clamav/
|
||||
|
||||
# permissions
|
||||
RUN mkdir /var/run/clamav && \
|
||||
chown node:clamav /var/run/clamav && \
|
||||
chmod 750 /var/run/clamav
|
||||
# Setting the working directory
|
||||
WORKDIR /home/node/app
|
||||
# Changing the current active user to "node"
|
||||
USER node
|
||||
# # Creating a new folder "tmp"
|
||||
# RUN mkdir tmp
|
||||
|
||||
# initial update of av databases
|
||||
RUN freshclam
|
||||
|
||||
VOLUME /var/lib/clamav
|
||||
COPY --chown=node:clamav docker-entrypoint.sh /home/node/app/docker-entrypoint.sh
|
||||
RUN chmod +x /home/node/app/docker-entrypoint.sh
|
||||
ENV TZ="Europe/Vienna"
|
||||
|
||||
|
||||
|
||||
|
||||
################## Second Stage - Installing dependencies ##########
|
||||
# In this stage, we will start installing dependencies
|
||||
|
|
@ -31,7 +62,7 @@ COPY --chown=node:node . .
|
|||
################## Third Stage - Building Stage #####################
|
||||
# In this stage, we will start building dependencies
|
||||
FROM dependencies AS build
|
||||
# We run "node ace build" to build the app for production
|
||||
# We run "node ace build" to build the app (dist folder) for production
|
||||
RUN node ace build --production
|
||||
|
||||
|
||||
|
|
@ -51,5 +82,6 @@ RUN npm ci --omit=dev
|
|||
COPY --chown=node:node --from=build /home/node/app/build .
|
||||
# Expose port
|
||||
EXPOSE $PORT
|
||||
ENTRYPOINT ["/home/node/app/docker-entrypoint.sh"]
|
||||
# Run the command to start the server using "dumb-init"
|
||||
CMD [ "dumb-init", "node", "server.js" ]
|
||||
Loading…
Add table
editor.link_modal.header
Reference in a new issue