chore: add local testing nginx conf and clean up

Author: johnnzhou

Makefile

@@ -14,6 +14,12 @@ clean:
 	docker volume rm ccn-coverage-vis_certs
 	docker rmi $(docker images --filter=reference='ccn-coverage-vis*' -q)
 
+.PHONY: build-test
+build-test:
+	@echo "Create test docker container for $(VIS_DOCKER_IMAGE_NAME)"
+
+	docker build --build-arg NGINX_CONFIG="local-nginx.conf" -t $(VIS_DOCKER_IMAGE_NAME_PREFIX)/$(VIS_DOCKER_IMAGE_NAME) -f vis.dockerfile .
+
 .PHONY: build
 build:
 	@echo "Create docker container for $(VIS_DOCKER_IMAGE_NAME)"

README.md

@@ -88,3 +88,8 @@ We provide a docker compose environment for local testing. Run `docker compose u
   - Toggle Active
 - Better compatibility with local development
 
+## Contributing
+Any contribution and pull requests are welcome! However, before you plan to implement some features or try to fix an uncertain issue, it is recommended to open a discussion first. You can also join our [Discord channel](https://discord.com/invite/gn4DKF83bP), or visit our [website](https://seattlecommunitynetwork.org/).
+
+## License
+ccn-coverage-vis is released under Apache License. See [LICENSE](/LICENSE) for more details.

configs/local-nginx.conf

@@ -0,0 +1,83 @@
+# HTTP server - redirects to HTTPS
+server {
+    listen 80;
+    server_name localhost;
+    
+    # Redirect all HTTP requests to HTTPS
+    return 301 https://$host$request_uri;
+}
+
+# HTTPS server
+server {
+    listen 443 ssl;
+    server_name localhost;
+    
+    # SSL certificate configuration
+    ssl_certificate /etc/nginx/ssl/certs/certificate.pem;
+    ssl_certificate_key /etc/nginx/ssl/certs/private-key.pem;
+    
+    # SSL protocols and ciphers for improved security
+    ssl_protocols TLSv1.2 TLSv1.3;
+    ssl_prefer_server_ciphers on;
+    ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384';
+    ssl_session_timeout 1d;
+    ssl_session_cache shared:SSL:50m;
+    
+    # HSTS (HTTP Strict Transport Security)
+    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
+    
+    # Compression settings for better performance
+    gzip on;
+    gzip_vary on;
+    gzip_min_length 10240;
+    gzip_proxied expired no-cache no-store private auth;
+    gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml application/javascript;
+    gzip_disable "MSIE [1-6]\.";
+
+    # Root directory for the site
+    root /usr/share/nginx/html;
+
+    # API and secure endpoints
+    location ~ ^/(api|secure)/ {
+        proxy_pass http://api:3000;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection 'upgrade';
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_cache_bypass $http_upgrade;
+        
+        # Timeout settings
+        proxy_connect_timeout 60s;
+        proxy_send_timeout 60s;
+        proxy_read_timeout 60s;
+    }
+
+    # Handle requests to /admin/assets/ - KEY FIX HERE
+    location ^~ /admin/assets/ {
+        # Rewrite requests from /admin/assets/ to /assets/
+        rewrite ^/admin/assets/(.*) /assets/$1 last;
+    }
+
+    # Static assets caching
+    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
+        expires 1y;
+        add_header Cache-Control "public, max-age=31536000, immutable";
+        try_files $uri =404;
+    }
+
+    # Handle all routes for the SPA
+    location / {
+        index index.html;
+        try_files $uri $uri/ /index.html;
+    }
+
+    # Error pages
+    error_page 404 /index.html;
+    error_page 500 502 503 504 /50x.html;
+    location = /50x.html {
+        try_files $uri =404;
+    }
+}

configs/nginx.conf

@@ -1,31 +1,7 @@
-# HTTP server - redirects to HTTPS
 server {
     listen 80;
     server_name localhost;
 
-    # Redirect all HTTP requests to HTTPS
-    return 301 https://$host$request_uri;
-}
-
-# HTTPS server
-server {
-    listen 443 ssl;
-    server_name localhost;
-    
-    # SSL certificate configuration
-    ssl_certificate /etc/nginx/ssl/certs/certificate.pem;
-    ssl_certificate_key /etc/nginx/ssl/certs/private-key.pem;
-    
-    # SSL protocols and ciphers for improved security
-    ssl_protocols TLSv1.2 TLSv1.3;
-    ssl_prefer_server_ciphers on;
-    ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384';
-    ssl_session_timeout 1d;
-    ssl_session_cache shared:SSL:50m;
-    
-    # HSTS (HTTP Strict Transport Security)
-    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
-    
     # Compression settings for better performance
     gzip on;
     gzip_vary on;
@@ -37,25 +13,6 @@ server {
     # Root directory for the site
     root /usr/share/nginx/html;
 
-    # API and secure endpoints
-    location ~ ^/(api|secure)/ {
-        proxy_pass http://api:3000;
-        proxy_http_version 1.1;
-        proxy_set_header Upgrade $http_upgrade;
-        proxy_set_header Connection 'upgrade';
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
-        proxy_cache_bypass $http_upgrade;
-        
-        # Timeout settings
-        proxy_connect_timeout 60s;
-        proxy_send_timeout 60s;
-        proxy_read_timeout 60s;
-    }
-
-    # Handle requests to /admin/assets/ - KEY FIX HERE
     location ^~ /admin/assets/ {
         # Rewrite requests from /admin/assets/ to /assets/
         rewrite ^/admin/assets/(.*) /assets/$1 last;

src/sites.json

@@ -16,9 +16,10 @@ COPY . .
 RUN npm run build && npm prune --production
 
 FROM nginx:stable-alpine
+ARG NGINX_CONFIG="nginx.conf"
 
 COPY --from=build /usr/src/app/build /usr/share/nginx/html
-COPY configs/nginx.conf /etc/nginx/conf.d/default.conf
+COPY configs/${NGINX_CONFIG} /etc/nginx/conf.d/default.conf
 
 EXPOSE 443