From 263b581d3a85ab2669b9ebeb04e7f028acf00119 Mon Sep 17 00:00:00 2001
From: kinou-p <alexpomms@gmail.com>
Date: Thu, 2 Oct 2025 17:32:36 +0200
Subject: [PATCH] fix: correct Traefik entrypoints and HTTP to HTTPS redirect

---
 Dockerfile |   4 +-
 nginx.conf | 127 +++++++++++++++++++++--------------------------------
 2 files changed, 52 insertions(+), 79 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index e4413f1..0cb49a5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -28,8 +28,8 @@ FROM nginx:alpine
 # Copier les fichiers buildés depuis l'étape builder
 COPY --from=builder /app/dist /usr/share/nginx/html
 
-# Copier la configuration Nginx optimisée
-COPY nginx.conf /etc/nginx/nginx.conf
+# Copier la configuration Nginx optimisée (remplace le default.conf)
+COPY nginx.conf /etc/nginx/conf.d/default.conf
 
 # Exposer le port 80
 EXPOSE 80
diff --git a/nginx.conf b/nginx.conf
index 856463f..b87af55 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -1,28 +1,15 @@
-user nginx;
-worker_processes auto;
-error_log /var/log/nginx/error.log warn;
-pid /var/run/nginx.pid;
+server {
+    listen 80;
+    listen [::]:80;
+    server_name localhost;
+    root /usr/share/nginx/html;
+    index index.html;
 
-events {
-    worker_connections 1024;
-}
-
-http {
-    include /etc/nginx/mime.types;
-    default_type application/octet-stream;
-
-    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
-                    '$status $body_bytes_sent "$http_referer" '
-                    '"$http_user_agent" "$http_x_forwarded_for"';
-
-    access_log /var/log/nginx/access.log main;
-
-    # Performance optimizations
-    sendfile on;
-    tcp_nopush on;
-    tcp_nodelay on;
-    keepalive_timeout 65;
-    types_hash_max_size 2048;
+    # Security headers
+    add_header X-Frame-Options "SAMEORIGIN" always;
+    add_header X-Content-Type-Options "nosniff" always;
+    add_header X-XSS-Protection "1; mode=block" always;
+    add_header Referrer-Policy "no-referrer-when-downgrade" always;
 
     # Gzip compression
     gzip on;
@@ -34,58 +21,44 @@ http {
                application/rss+xml font/truetype font/opentype 
                application/vnd.ms-fontobject image/svg+xml;
 
-    server {
-        listen 80;
-        listen [::]:80;
-        server_name _;
-        root /usr/share/nginx/html;
-        index index.html;
-
-        # Security headers
-        add_header X-Frame-Options "SAMEORIGIN" always;
-        add_header X-Content-Type-Options "nosniff" always;
-        add_header X-XSS-Protection "1; mode=block" always;
-        add_header Referrer-Policy "no-referrer-when-downgrade" always;
-
-        # Cache static assets - Images
-        location ~* \.(jpg|jpeg|png|gif|ico|svg|webp)$ {
-            expires 1y;
-            add_header Cache-Control "public, immutable";
-        }
-
-        # Cache static assets - CSS/JS
-        location ~* \.(css|js)$ {
-            expires 1y;
-            add_header Cache-Control "public, immutable";
-        }
-
-        # Cache static assets - Fonts
-        location ~* \.(woff|woff2|ttf|otf|eot)$ {
-            expires 1y;
-            add_header Cache-Control "public, immutable";
-            add_header Access-Control-Allow-Origin "*";
-        }
-
-        # SPA fallback - toutes les routes vers index.html
-        location / {
-            try_files $uri $uri/ /index.html;
-        }
-
-        # Disable cache for index.html
-        location = /index.html {
-            add_header Cache-Control "no-cache, no-store, must-revalidate";
-            add_header Pragma "no-cache";
-            add_header Expires "0";
-        }
-
-        # Disable cache for service worker if you add one later
-        location = /service-worker.js {
-            add_header Cache-Control "no-cache, no-store, must-revalidate";
-            add_header Pragma "no-cache";
-            add_header Expires "0";
-        }
-
-        # Error pages
-        error_page 404 /index.html;
+    # Cache static assets - Images
+    location ~* \.(jpg|jpeg|png|gif|ico|svg|webp)$ {
+        expires 1y;
+        add_header Cache-Control "public, immutable";
     }
+
+    # Cache static assets - CSS/JS
+    location ~* \.(css|js)$ {
+        expires 1y;
+        add_header Cache-Control "public, immutable";
+    }
+
+    # Cache static assets - Fonts
+    location ~* \.(woff|woff2|ttf|otf|eot)$ {
+        expires 1y;
+        add_header Cache-Control "public, immutable";
+        add_header Access-Control-Allow-Origin "*";
+    }
+
+    # SPA fallback - toutes les routes vers index.html
+    location / {
+        try_files $uri $uri/ /index.html;
+    }
+
+    # Disable cache for index.html
+    location = /index.html {
+        add_header Cache-Control "no-cache, no-store, must-revalidate";
+        add_header Pragma "no-cache";
+        add_header Expires "0";
+    }
+
+    # Disable cache for service worker if you add one later
+    location = /service-worker.js {
+        add_header Cache-Control "no-cache, no-store, must-revalidate";
+        add_header Pragma "no-cache";
+        add_header Expires "0";
+    }
+
+    # Error pages
+    error_page 404 /index.html;
 }