Administrator / spring-boot-microservices-onlineshooping-fullstack · Files

configmap.yaml 2.94 KB
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 
apiVersion: v1
kind: ConfigMap
metadata:
  name: frontend-config
  namespace: ecommerce
  labels:
    app: frontend
data:
  nginx.conf: |
    server {
      listen 80;
      server_name localhost;
      root /usr/share/nginx/html;
      index index.html;

      # Enable gzip compression
      gzip on;
      gzip_vary on;
      gzip_min_length 1024;
      gzip_proxied any;
      gzip_comp_level 6;
      gzip_types
        text/plain
        text/css
        text/xml
        text/javascript
        application/json
        application/javascript
        application/xml+rss
        application/atom+xml
        image/svg+xml;

      # Security headers
      add_header X-Frame-Options "SAMEORIGIN" always;
      add_header X-XSS-Protection "1; mode=block" always;
      add_header X-Content-Type-Options "nosniff" always;
      add_header Referrer-Policy "no-referrer-when-downgrade" always;
      add_header Content-Security-Policy "default-src 'self' http: https: data: blob: 'unsafe-inline'" always;

      # Handle client-side routing
      location / {
          try_files $uri $uri/ /index.html;
          add_header Cache-Control "no-cache, no-store, must-revalidate";
      }

      # Cache static assets
      location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
          expires 1y;
          add_header Cache-Control "public, immutable, max-age=31536000";
          access_log off;
      }

      # API proxy - forward to API Gateway
      location /api {
          proxy_pass http://api-gateway-service:8080;
          proxy_http_version 1.1;
          proxy_set_header Upgrade $http_upgrade;
          proxy_set_header Connection 'upgrade';
          proxy_set_header Host $host;
          proxy_set_header X-Real-IP $remote_addr;
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header X-Forwarded-Proto $scheme;
          proxy_set_header X-Forwarded-Host $host;
          proxy_set_header X-Forwarded-Port $server_port;
          proxy_cache_bypass $http_upgrade;
          
          # Timeout settings
          proxy_connect_timeout 30s;
          proxy_send_timeout 30s;
          proxy_read_timeout 30s;
      }

      # Health check endpoint
      location /health {
          access_log off;
          add_header Content-Type text/plain;
          return 200 "healthy\n";
      }

      # Robots.txt
      location /robots.txt {
          add_header Content-Type text/plain;
          return 200 "User-agent: *\nDisallow: /api/\nAllow: /\n";
      }

      # Error pages
      error_page 404 /index.html;
      error_page 500 502 503 504 /50x.html;
      
      location = /50x.html {
          root /usr/share/nginx/html;
      }
    }
  
  environment.js: |
    window.env = {
      API_URL: 'https://api.yourdomain.com',
      APP_NAME: 'ShopEase',
      NODE_ENV: 'production',
      STRIPE_PUBLISHABLE_KEY: 'pk_test_your_stripe_key',
      SENTRY_DSN: 'https://your-sentry-dsn@o123456.ingest.sentry.io/123456'
    };