Updated Docker Build & Vulnerability Patching #240

NOXCIS · 2023-12-31T00:32:14Z

@jrmi

jrmi · 2023-12-31T10:50:30Z

@jrmi

Perfect, will review it ASAP.

jrmi

Great job Noxcis. I like the multistage docker image.

I left a few comments, let me know what you think.

Dockerfile

jrmi · 2024-01-02T08:23:22Z

client/public/manifest.json

@@ -14,4 +14,4 @@
 "background_color": "#ffffff",
 "scope": "/",
 "description": "Secure and encrypted web chat with Darkwire.io"
-}
+}


I think this change is unnecessary ;-)

Still haven't gotten around to configure my IDE, spends time time fighting docker engine.

jrmi · 2024-01-02T08:35:09Z

start.sh

+ openssl genpkey -algorithm RSA -out "$key_file"
+
+ # Generate certificate signing request (CSR)
+ openssl req -new -key "$key_file" -out "$csr_file" -subj "/C=US/ST=FL/L=Miami/O=NoxCorp/OU=GhostWorks/CN=Noxcis"


May be the "subject" should be more... generic? May be something that can be configured with the env if needed with the previous value as default, what do you think?

I agree any ideas on how to implement?

You could use define a new env var like: CSR_SUBJECT and use it in this script? What do you think?

jrmi · 2024-01-02T09:19:22Z

client/.env.dist

@@ -1,14 +0,0 @@
-# Api settings


Why do you remove this file (and the one from the server) ? I think it still a good idea to have a template when in development or may be if someone wants a custom install without docker for instance, what do you think?

hmm, great point!

jrmi · 2024-01-02T09:24:42Z

start.sh

+set_env &&
+# Start your application
+generate_self_signed_ssl &&
+nginx &&


I wouldn't install Nginx in the Darkwire image. I think it's a good idea to keep things separated. Imagine someone that already have a docker compose stack with an existing Nginx, or someone who prefers Traefik. Adding Nginx doesn't break things, but it adds an extra overhead in most situation. As consequence, I would just keep the yarn start here. However, I think it makes sense to update the docker compose file to use nginx as reverse proxy.

What do you think?

I agree will reserve for my hard-fork meant to run with my project over here Wiregate.

client/src/stylesheets/app.sass

readded env template

NOXCIS added 3 commits December 30, 2023 16:28

push ready

043c6a8

+

f1b89ed

Update start.sh

5c1ebae

NOXCIS added 2 commits December 31, 2023 18:34

Merge branch 'master' into master

fc77afe

Update Dockerfile

6cb3913

jrmi requested changes Jan 2, 2024

View reviewed changes

+

d9fa642

readded env template

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Updated Docker Build & Vulnerability Patching #240

Updated Docker Build & Vulnerability Patching #240

NOXCIS commented Dec 31, 2023

jrmi commented Dec 31, 2023

jrmi left a comment

jrmi Jan 2, 2024

NOXCIS Jan 2, 2024

jrmi Jan 2, 2024

NOXCIS Jan 2, 2024

jrmi Jan 7, 2024

jrmi Jan 2, 2024

NOXCIS Jan 2, 2024

jrmi Jan 2, 2024

NOXCIS Jan 2, 2024

Updated Docker Build & Vulnerability Patching #240

Are you sure you want to change the base?

Updated Docker Build & Vulnerability Patching #240

Conversation

NOXCIS commented Dec 31, 2023

jrmi commented Dec 31, 2023

jrmi left a comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment

Choose a reason for hiding this comment