atridad/signal_encryption_poc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

plssssss
Some checks failed
Deploy Encrypted Todo App / build-and-push (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Atridad Lahiji
2025-06-16 09:24:40 -06:00
parent d71062cf13
commit b61f664825
3 changed files with 188 additions and 147 deletions
Download Patch File Download Diff File Expand all files Collapse all files

167
.dockerignore
View File

@ -1,160 +1,68 @@
# Node modules # Node modules and package manager files
node_modules node_modules/
npm-debug.log* npm-debug.log*
yarn-debug.log* yarn-debug.log*
yarn-error.log* yarn-error.log*
.npm
.yarn-integrity
# Runtime data # Development and build artifacts
pids coverage/
*.lcov
.nyc_output
build/
dist/
*.tsbuildinfo
# Runtime files
pids/
*.pid *.pid
*.seed *.seed
*.pid.lock *.pid.lock
logs/
*.log
# Coverage directory used by tools like istanbul # Cache directories
coverage .cache/
*.lcov .parcel-cache/
# nyc test coverage
.nyc_output
# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
.grunt
# Bower dependency directory (https://bower.io/)
bower_components
# node-waf configuration
.lock-wscript
# Compiled binary addons (https://nodejs.org/api/addons.html)
build/Release
# Dependency directories
jspm_packages/
# TypeScript v1 declaration files
typings/
# TypeScript cache
*.tsbuildinfo
# Optional npm cache directory
.npm
# Optional eslint cache
.eslintcache
# Microbundle cache
.rpt2_cache/ .rpt2_cache/
.rts2_cache_cjs/ .rts2_cache_cjs/
.rts2_cache_es/ .rts2_cache_es/
.rts2_cache_umd/ .rts2_cache_umd/
# Optional REPL history # Environment files (except production)
.node_repl_history
# Output of 'npm pack'
*.tgz
# Yarn Integrity file
.yarn-integrity
# parcel-bundler cache (https://parceljs.org/)
.cache
.parcel-cache
# Next.js build output
.next
# Nuxt.js build / generate output
.nuxt
dist
# Gatsby files
.cache/
public
# Storybook build outputs
.out
.storybook-out
# Temporary folders
tmp/
temp/
# Logs
logs
*.log
# Runtime data
pids
*.pid
*.seed
*.pid.lock
# Directory for instrumented libs generated by jscoverage/JSCover
lib-cov
# Coverage directory used by tools like istanbul
coverage
# Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files)
.grunt
# Bower dependency directory (https://bower.io/)
bower_components
# node-waf configuration
.lock-wscript
# Compiled binary addons (https://nodejs.org/api/addons.html)
build/Release
# Dependency directories
node_modules/
jspm_packages/
# Optional npm cache directory
.npm
# Optional REPL history
.node_repl_history
# Output of 'npm pack'
*.tgz
# Yarn Integrity file
.yarn-integrity
# dotenv environment variables file
.env.local .env.local
.env.development.local .env.development.local
.env.test.local .env.test.local
.env.production.local
# Mac # OS files
.DS_Store .DS_Store
# Windows
Thumbs.db Thumbs.db
# IDEs # IDE files
.vscode/ .vscode/
.idea/ .idea/
*.swp *.swp
*.swo *.swo
*~ *~
# Git # Git files
.git .git/
.gitignore .gitignore
README.md .gitattributes
# Docker # GitHub workflows and documentation
.github/
README.md
LICENSE
*.md
# Docker files
Dockerfile* Dockerfile*
docker-compose* docker-compose*
.dockerignore
# SQLite database (will be created in container) # SQLite databases (will be created in container)
*.db *.db
*.sqlite *.sqlite
*.sqlite3 *.sqlite3
@ -162,3 +70,10 @@ docker-compose*
# Local development files # Local development files
server.log server.log
server.pid server.pid
server_output.log
# Test files
test/
tests/
*.test.js
*.spec.js

38
Dockerfile
View File

@ -1,38 +1,34 @@
FROM node:24-alpine FROM node:20-alpine
# Install pnpm
RUN npm install -g pnpm
# Set the working directory in the container
WORKDIR /app WORKDIR /app
# Copy package.json and pnpm-lock.yaml (if available) # Install pnpm globally
COPY package*.json pnpm-lock.yaml* ./ RUN npm install -g pnpm
# Copy dependency files first for better caching
COPY package.json pnpm-lock.yaml ./
# Install dependencies # Install dependencies
RUN pnpm install --frozen-lockfile --prod RUN pnpm install --frozen-lockfile --prod
# Copy the rest of the application code # Copy application files
COPY . . COPY server.js todo-service.js signal-crypto.js ./
COPY public/ ./public/
COPY .env* ./
# Create a directory for the SQLite database # Create data directory and set permissions
RUN mkdir -p /app/data RUN mkdir -p /app/data && chown -R node:node /app
# Set environment variables # Set environment variables
ENV NODE_ENV=production ENV NODE_ENV=production
ENV SQLITE_DB_PATH=/app/data/db.db ENV SQLITE_DB_PATH=/app/data/db.db
ENV PORT=3000 ENV PORT=3000
# Expose the port the app runs on # Expose port
EXPOSE 3000 EXPOSE 3000
# Create a non-root user to run the application # Switch to non-root user
RUN addgroup -g 1001 -S nodejs USER node
RUN adduser -S nodejs -u 1001
# Change ownership of the app directory to the nodejs user # Start application
RUN chown -R nodejs:nodejs /app CMD ["node", "server.js"]
USER nodejs
# Command to run the application
CMD ["pnpm", "start"]

130
validate-build.sh Executable file
View File

@ -0,0 +1,130 @@
#!/bin/bash
echo "🔍 Validating Docker build setup..."
# Check if required files exist
echo "📁 Checking required files..."
required_files=(
"package.json"
"pnpm-lock.yaml"
"server.js"
"todo-service.js"
"signal-crypto.js"
"public/index.html"
"public/styles.css"
"Dockerfile"
".dockerignore"
)
missing_files=()
for file in "${required_files[@]}"; do
if [[ ! -f "$file" ]]; then
missing_files+=("$file")
else
echo "$file"
fi
done
if [[ ${#missing_files[@]} -gt 0 ]]; then
echo "❌ Missing files:"
printf '%s\n' "${missing_files[@]}"
exit 1
fi
# Validate Node.js syntax
echo ""
echo "🔍 Validating JavaScript syntax..."
if command -v node >/dev/null 2>&1; then
for js_file in server.js todo-service.js signal-crypto.js; do
if node -c "$js_file"; then
echo "$js_file syntax OK"
else
echo "$js_file has syntax errors"
exit 1
fi
done
else
echo "⚠️ Node.js not found, skipping syntax validation"
fi
# Check package.json for required dependencies
echo ""
echo "📦 Checking package.json dependencies..."
if command -v jq >/dev/null 2>&1; then
required_deps=("express" "uuid" "ws" "dotenv" "@signalapp/libsignal-client")
for dep in "${required_deps[@]}"; do
if jq -e ".dependencies.\"$dep\"" package.json >/dev/null; then
echo "$dep dependency found"
else
echo "❌ Missing dependency: $dep"
exit 1
fi
done
else
echo "⚠️ jq not found, checking dependencies manually..."
if grep -q '"express"' package.json; then
echo "✅ express dependency found"
else
echo "❌ Missing dependency: express"
exit 1
fi
fi
# Validate Dockerfile syntax
echo ""
echo "🐳 Validating Dockerfile..."
if command -v docker >/dev/null 2>&1; then
if docker build --dry-run . >/dev/null 2>&1; then
echo "✅ Dockerfile syntax OK"
else
echo "❌ Dockerfile has issues"
exit 1
fi
else
echo "⚠️ Docker not found, checking Dockerfile manually..."
if grep -q "FROM node:" Dockerfile; then
echo "✅ Dockerfile has Node.js base image"
else
echo "❌ Dockerfile missing Node.js base image"
exit 1
fi
fi
# Check environment variables
echo ""
echo "🔧 Checking environment setup..."
if [[ -f ".env" ]]; then
echo "✅ .env file found"
if grep -q "SQLITE_DB_PATH" .env; then
echo "✅ SQLITE_DB_PATH configured"
else
echo "⚠️ SQLITE_DB_PATH not found in .env"
fi
else
echo "⚠️ .env file not found (will use defaults)"
fi
# Estimate Docker image size
echo ""
echo "📊 Estimating build efficiency..."
total_size=$(du -sh . 2>/dev/null | cut -f1)
echo "📁 Project size: $total_size"
if [[ -f ".dockerignore" ]]; then
ignored_items=$(wc -l < .dockerignore)
echo "🚫 .dockerignore rules: $ignored_items"
else
echo "⚠️ No .dockerignore found - build may be slower"
fi
echo ""
echo "✅ Build validation complete!"
echo ""
echo "🚀 To build the Docker image:"
echo " docker build -t encrypted-todo ."
echo ""
echo "🏃 To run the container:"
echo " docker run -p 3000:3000 -v todo_data:/app/data encrypted-todo"
echo ""
echo "🔗 To use with Docker Compose:"
echo " docker compose up --build"