Rename to allinone, make compatible with default nginx.conf (#1098)

apps/server/nginx.single.conf

@@ -1,106 +0,0 @@
-events {
-    worker_connections 1024;
-}
-
-http {
-    client_max_body_size 25M;
-
-    upstream client {
-        server localhost:3000;
-    }
-
-    upstream api {
-        server localhost:3001;
-    }
-
-    upstream admin {
-        server localhost:3002;
-    }
-
-    # Preserve any existing X-Forwarded-* headers, this is relevant if AliasVault
-    # is running behind another reverse proxy.
-    set_real_ip_from 10.0.0.0/8;
-    set_real_ip_from 172.16.0.0/12;
-    set_real_ip_from 192.168.0.0/16;
-    real_ip_header X-Forwarded-For;
-    real_ip_recursive on;
-
-    include /etc/nginx/mime.types;
-    default_type application/octet-stream;
-
-    # Enable gzip compression, which reduces the amount of data that needs to be transferred
-    # to speed up WASM load times.
-    gzip on;
-    gzip_vary on;
-    gzip_proxied any;
-    gzip_comp_level 6;
-    gzip_buffers 16 8k;
-    gzip_http_version 1.1;
-    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
-
-    server {
-        listen 80;
-        server_name _;
-
-        # Redirect all HTTP traffic to HTTPS
-        location / {
-            return 301 https://$host$request_uri;
-        }
-    }
-
-    server {
-        listen 443 ssl;
-        server_name _;
-
-        # Include the appropriate SSL certificate configuration generated
-        # by the entrypoint script.
-        include /etc/nginx/ssl.conf;
-
-        # Security headers
-        add_header Referrer-Policy "strict-origin-when-cross-origin" always;
-        add_header X-Content-Type-Options "nosniff" always;
-        add_header X-Frame-Options "SAMEORIGIN" always;
-        add_header Cross-Origin-Resource-Policy "same-origin" always;
-        add_header Content-Security-Policy "frame-ancestors 'self'" always;
-
-        # Admin interface
-        location /admin {
-            proxy_pass http://admin;
-            proxy_set_header Host $http_host;
-            proxy_set_header X-Real-IP $remote_addr;
-            proxy_set_header X-Forwarded-Proto https;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-            proxy_set_header X-Forwarded-Prefix /admin/;
-
-            # Rewrite HTTP redirects to HTTPS
-            proxy_redirect http:// https://;
-
-            # Add WebSocket support for Blazor server
-            proxy_http_version 1.1;
-            proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection "upgrade";
-            proxy_read_timeout 86400;
-        }
-
-        # API endpoints
-        location /api {
-            proxy_pass http://api;
-            proxy_set_header Host $http_host;
-            proxy_set_header X-Real-IP $remote_addr;
-            proxy_set_header X-Forwarded-Proto $scheme;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        }
-
-        # Client app (root path)
-        location / {
-            proxy_pass http://client;
-            proxy_set_header Host $http_host;
-            proxy_set_header X-Real-IP $remote_addr;
-            proxy_set_header X-Forwarded-Proto $scheme;
-            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-
-            # Rewrite HTTP redirects to HTTPS
-            proxy_redirect http:// https://;
-        }
-    }
-}

dockerfiles/Dockerfile.server.allinone

@@ -90,7 +90,13 @@ COPY --from=dotnet-builder /app/taskrunner /app/taskrunner
 COPY apps/server/AliasVault.Client/nginx.conf /app/client/nginx.conf
 
 # Copy nginx configuration for single container deployment
-COPY apps/server/nginx.single.conf /etc/nginx/nginx.single.conf
+COPY apps/server/nginx.conf /etc/nginx/nginx.conf
+
+# Replace "client", "api" and "admin" hostnames with "localhost" in nginx.conf
+# to accommodate for the single-container setup
+RUN sed -i 's/client:3000/localhost:3000/g' /etc/nginx/nginx.conf && \
+    sed -i 's/api:3001/localhost:3001/g' /etc/nginx/nginx.conf && \
+    sed -i 's/admin:3002/localhost:3002/g' /etc/nginx/nginx.conf
 
 # ============================================
 # S6 Service Definitions
@@ -291,8 +297,8 @@ RUN mkdir -p /etc/s6-overlay/s6-rc.d/nginx && \
       echo 'ssl_prefer_server_ciphers off;'; \
       echo 'SSLEOF'; \
       echo ''; \
-      echo '# Use single container nginx configuration'; \
-      echo 'cp /etc/nginx/nginx.single.conf /etc/nginx/nginx.conf'; \
+      echo '# Use container nginx configuration'; \
+      echo 'cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf'; \
       echo ''; \
       echo '# Wait for all services to be ready'; \
       echo 'echo "Waiting for services to be ready..."'; \

dockerfiles/README.md

@@ -10,8 +10,8 @@ Used to locally build Docker images from source instead of retrieving pre-built
 ### `docker-compose.dev.yml`
 Contains containers for aiding in local development of AliasVault. Provides a separate PostgreSQL instance for development on port 5433, managed via `./install.sh configure-dev-db`.
 
-### `Dockerfile.server.singlecontainer`
-This is a standalone single-container build for easy self-hosting, using s6-overlay to run multiple services (database, API, web, smtp, task runner) inside one image.
+### `Dockerfile.server.allinone`
+This is a all-in-one single-container build of the full AliasVault server stack for easy self-hosting, using s6-overlay to run multiple services (database, API, web, smtp, task runner) in one image.
 
 This build is primarily intended for **limited platforms** like NAS devices, Unraid, or other **small home-use scenarios** where simplicity is preferred over flexibility.