Update frontend to use unprivileged Nginx on port 8080

Switch from `nginx:1.29-alpine-slim` to `nginxinc/nginx-unprivileged:stable-alpine` for improved security by running as a non-root user. Changed the exposed port from 80 to 8080 in the configurations to reflect the unprivileged setup. Adjusted the `docker-compose.yml` and `nginx.conf` accordingly.
2026-02-14 17:13:18 +01:00
parent c2e4e614e0
commit 489dde812f
3 changed files with 5 additions and 5 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -54,7 +54,7 @@ services:
    depends_on:
      - backend
    ports:
-      - "${FRONTEND_PORT}:80"
+      - "${FRONTEND_PORT}:8080"
 volumes:
  pg_data:
--- a/frontend/Dockerfile
+++ b/frontend/Dockerfile
@@ -7,9 +7,9 @@ ARG VITE_API_URL=/api/v1
 ENV VITE_API_URL=${VITE_API_URL}
 RUN npm run build
-FROM nginx:1.29-alpine-slim
+FROM nginxinc/nginx-unprivileged:stable-alpine
 RUN apk upgrade --no-cache
 COPY nginx.conf /etc/nginx/conf.d/default.conf
 COPY --from=build /app/dist /usr/share/nginx/html
-EXPOSE 80
+USER 101
 EXPOSE 8080
 HEALTHCHECK --interval=30s --timeout=3s --retries=5 CMD nginx -t || exit 1
--- a/frontend/nginx.conf
+++ b/frontend/nginx.conf
@@ -1,5 +1,5 @@
 server {
-  listen 80;
+  listen 8080;
  server_name _;
  root /usr/share/nginx/html;