From 6f9e60a22d4836c44c959c5d6b60cfea1f676b53 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=99=88=E8=A3=95=E8=B4=A2?= <cyc58469@163.com>
Date: Sat, 22 Mar 2025 09:08:41 +0800
Subject: [PATCH] docker

---
 Dockerfile | 15 +++++++++++++++
 nginx.conf | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 70 insertions(+)
 create mode 100644 Dockerfile
 create mode 100644 nginx.conf

diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 00000000..c74a4479
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,15 @@
+# 使用官方的 Nginx 镜像作为基础镜像
+FROM m.daocloud.io/docker.io/nginx:alpine
+
+
+# 将自定义的 Nginx 配置文件复制到容器内
+COPY nginx.conf /etc/nginx/conf.d/default.conf
+
+# 将打包好的前端文件复制到 Nginx 的 html 目录
+COPY dist-prod/ /usr/share/nginx/html/
+
+# 暴露端口
+EXPOSE 8067
+
+# 启动 Nginx
+CMD ["nginx", "-g", "daemon off;"]
\ No newline at end of file
diff --git a/nginx.conf b/nginx.conf
new file mode 100644
index 00000000..af691cf5
--- /dev/null
+++ b/nginx.conf
@@ -0,0 +1,55 @@
+server {
+    listen 8014;
+    server_name _;
+
+    index index.html index.htm;
+
+    # 处理根目录请求
+    location ~ / {
+        root /usr/share/nginx/html;
+        index index.html index.htm;
+        try_files $uri $uri/ /index.html;
+    }
+
+    location ^~ /api/lcode/ { ## 后端项目 - 管理后台
+        proxy_pass http://lcode-server:45916/; ## 重要！！！proxy_pass 需要设置为后端项目所在服务器的 IP
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header REMOTE-HOST $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_connect_timeout 65s;
+        proxy_send_timeout 65s;
+        proxy_read_timeout 65s;
+        proxy_next_upstream_tries 1;
+    }
+    location ^~ /api/xm/ { ## 后端项目 - 管理后台
+        proxy_pass http://xm-server:43518/; ## 重要！！！proxy_pass 需要设置为后端项目所在服务器的 IP
+        proxy_set_header Host $http_host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header REMOTE-HOST $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_connect_timeout 65s;
+        proxy_send_timeout 65s;
+        proxy_read_timeout 65s;
+        proxy_next_upstream_tries 1;
+    }
+
+    # 防止访问以点（.）开头的文件，如 .DS_Store
+    location ~ /\. {
+        deny all;
+        return 404;
+    }
+
+    # 防止常见备份文件被访问
+    location ~* \.(bak|swp|DS_Store|git|env)$ {
+        deny all;
+        return 404;
+    }
+
+
+    # 防止 .well-known 之外的隐藏文件
+    location ~ /\.(?!well-known).* {
+        deny all;
+        return 404;
+    }
+}
\ No newline at end of file