dragonflight/services/web-ui/nginx.conf

server {
    listen 80;
    server_name _;

    # Docker embedded DNS — defers upstream resolution to request time
    # This prevents nginx crashing at startup if sibling containers aren't
    # ready yet (which happens on the first `docker compose up`).
    resolver 127.0.0.11 valid=10s ipv6=off;

    # Allow unlimited client upload size
    client_max_body_size 0;

    # Gzip compression
    gzip on;
    gzip_types text/plain text/css text/javascript application/javascript application/json;
    gzip_min_length 1000;

    # Root location - serve static files
    root /usr/share/nginx/html;

    # Cache static assets aggressively
    location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
        expires 1y;
        add_header Cache-Control "public, immutable";
    }

    # HTML files - no cache
    location ~* \.html?$ {
        expires -1;
        add_header Cache-Control "no-cache, no-store, must-revalidate";
    }

    # API proxy - forward to mam-api service
    location /api/ {
        set $api_upstream http://mam-api:3000;
        client_max_body_size 0;
        proxy_pass $api_upstream;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_buffering off;
        proxy_request_buffering off;
        proxy_connect_timeout 300;
        proxy_send_timeout 300;
        proxy_read_timeout 300;
    }

    # Capture proxy - forward to capture service
    location /capture/ {
        set $capture_upstream http://capture:3001;
        proxy_pass $capture_upstream;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_buffering off;
        proxy_request_buffering off;
    }

    # SPA fallback - try to serve file, else route to index.html
    location / {
        try_files $uri $uri/ /index.html;
        expires -1;
        add_header Cache-Control "no-cache, no-store, must-revalidate";
    }

    # Health check endpoint
    location /health {
        access_log off;
        return 200 "healthy\n";
        add_header Content-Type text/plain;
    }

    # Deny access to dotfiles
    location ~ /\. {
        deny all;
    }
}
add services/web-ui/nginx.conf 2026-04-07 21:58:21 -04:00			`server {`
			`listen 80;`
			`server_name _;`

fix(nginx): use Docker embedded DNS resolver to avoid startup DNS failure nginx resolves upstream hostnames at config load time, which fails when sibling containers haven't registered with the Docker DNS yet. Using resolver 127.0.0.11 with set $upstream defers resolution to request time, preventing the "host not found in upstream" startup crash. 2026-05-16 08:44:50 -04:00			`# Docker embedded DNS — defers upstream resolution to request time`
			`# This prevents nginx crashing at startup if sibling containers aren't`
			# ready yet (which happens on the first `docker compose up`).
			`resolver 127.0.0.11 valid=10s ipv6=off;`

Phase 2: services/web-ui/nginx.conf 2026-04-07 22:05:41 -04:00			`# Allow unlimited client upload size`
			`client_max_body_size 0;`

add services/web-ui/nginx.conf 2026-04-07 21:58:21 -04:00			`# Gzip compression`
			`gzip on;`
			`gzip_types text/plain text/css text/javascript application/javascript application/json;`
			`gzip_min_length 1000;`

			`# Root location - serve static files`
			`root /usr/share/nginx/html;`

			`# Cache static assets aggressively`
			`location ~* \.(js\|css\|png\|jpg\|jpeg\|gif\|ico\|svg\|woff\|woff2\|ttf\|eot)$ {`
			`expires 1y;`
			`add_header Cache-Control "public, immutable";`
			`}`

			`# HTML files - no cache`
			`location ~* \.html?$ {`
			`expires -1;`
			`add_header Cache-Control "no-cache, no-store, must-revalidate";`
			`}`

			`# API proxy - forward to mam-api service`
			`location /api/ {`
fix(nginx): use Docker embedded DNS resolver to avoid startup DNS failure nginx resolves upstream hostnames at config load time, which fails when sibling containers haven't registered with the Docker DNS yet. Using resolver 127.0.0.11 with set $upstream defers resolution to request time, preventing the "host not found in upstream" startup crash. 2026-05-16 08:44:50 -04:00			`set $api_upstream http://mam-api:3000;`
Phase 2: services/web-ui/nginx.conf 2026-04-07 22:05:41 -04:00			`client_max_body_size 0;`
fix(nginx): use Docker embedded DNS resolver to avoid startup DNS failure nginx resolves upstream hostnames at config load time, which fails when sibling containers haven't registered with the Docker DNS yet. Using resolver 127.0.0.11 with set $upstream defers resolution to request time, preventing the "host not found in upstream" startup crash. 2026-05-16 08:44:50 -04:00			`proxy_pass $api_upstream;`
add services/web-ui/nginx.conf 2026-04-07 21:58:21 -04:00			`proxy_http_version 1.1;`
			`proxy_set_header Upgrade $http_upgrade;`
			`proxy_set_header Connection "upgrade";`
			`proxy_set_header Host $host;`
			`proxy_set_header X-Real-IP $remote_addr;`
			`proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			`proxy_set_header X-Forwarded-Proto $scheme;`
			`proxy_buffering off;`
			`proxy_request_buffering off;`
Phase 2: services/web-ui/nginx.conf 2026-04-07 22:05:41 -04:00			`proxy_connect_timeout 300;`
			`proxy_send_timeout 300;`
			`proxy_read_timeout 300;`
add services/web-ui/nginx.conf 2026-04-07 21:58:21 -04:00			`}`

			`# Capture proxy - forward to capture service`
			`location /capture/ {`
fix(nginx): use Docker embedded DNS resolver to avoid startup DNS failure nginx resolves upstream hostnames at config load time, which fails when sibling containers haven't registered with the Docker DNS yet. Using resolver 127.0.0.11 with set $upstream defers resolution to request time, preventing the "host not found in upstream" startup crash. 2026-05-16 08:44:50 -04:00			`set $capture_upstream http://capture:3001;`
			`proxy_pass $capture_upstream;`
add services/web-ui/nginx.conf 2026-04-07 21:58:21 -04:00			`proxy_http_version 1.1;`
			`proxy_set_header Upgrade $http_upgrade;`
			`proxy_set_header Connection "upgrade";`
			`proxy_set_header Host $host;`
			`proxy_set_header X-Real-IP $remote_addr;`
			`proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`
			`proxy_set_header X-Forwarded-Proto $scheme;`
			`proxy_buffering off;`
			`proxy_request_buffering off;`
			`}`

			`# SPA fallback - try to serve file, else route to index.html`
			`location / {`
			`try_files $uri $uri/ /index.html;`
			`expires -1;`
			`add_header Cache-Control "no-cache, no-store, must-revalidate";`
			`}`

			`# Health check endpoint`
			`location /health {`
			`access_log off;`
			`return 200 "healthy\n";`
			`add_header Content-Type text/plain;`
			`}`

			`# Deny access to dotfiles`
			`location ~ /\. {`
			`deny all;`
			`}`
			`}`