build: setup docker containers for development

nginx/nginx.conf

@@ -0,0 +1,48 @@
+events {
+    worker_connections 1024;
+}
+
+http {
+    # Upstream definitions for load balancing
+    upstream app_servers {
+        server app:3000;
+    }
+
+    # Redirect HTTP to HTTPS
+    server {
+        listen 80;
+        server_name localhost;
+        return 301 https://$server_name$request_uri;
+    }
+
+    # HTTPS server
+    server {
+        listen 443 ssl;
+        http2 on;
+        server_name localhost;
+
+        # SSL certificates
+        ssl_certificate /etc/nginx/ssl/nginx.crt;
+        ssl_certificate_key /etc/nginx/ssl/nginx.key;
+
+        # SSL settings
+        ssl_protocols TLSv1.2 TLSv1.3;
+        ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
+        ssl_prefer_server_ciphers off;
+        ssl_session_cache shared:SSL:10m;
+        ssl_session_timeout 1d;
+
+        # Security headers
+        add_header Strict-Transport-Security "max-age=31536000" always;
+        add_header X-Content-Type-Options nosniff;
+        add_header X-Frame-Options DENY;
+
+        location / {
+            proxy_pass http://app_servers;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+    }
+}

nginx/ssl/nginx.crt

@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDfTCCAmWgAwIBAgIURlHl95jmWHmHnnvNTxkY7kW4wtowDQYJKoZIhvcNAQEL
+BQAwTjELMAkGA1UEBhMCVVMxDjAMBgNVBAgMBVN0YXRlMQ0wCwYDVQQHDARDaXR5
+MQwwCgYDVQQKDANPcmcxEjAQBgNVBAMMCWxvY2FsaG9zdDAeFw0yNjAzMTIxNjE4
+NTJaFw0yNzAzMTIxNjE4NTJaME4xCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVTdGF0
+ZTENMAsGA1UEBwwEQ2l0eTEMMAoGA1UECgwDT3JnMRIwEAYDVQQDDAlsb2NhbGhv
+c3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWUpy/ZcJadapNmSGx
+tDJpg8e2/KCh4T7iUh90i9g4xZ+0Aq61GXs6pjemTQ11Pq2vW+g2+Ax9Ah98MbW7
+cGNiRZknG9aiIez2FXBjx6MyPmXtvWu57VHbom7rHbASxJmo1hFovbgIlxYL9CKK
+PydW8LmvDg3Umfx4PAwRGTJzExI78OZDhBCA+0hFRagWH4jbmjPHJtjavImBSUCr
+3V4DdOuS0zcg702Iw/JWPWHpayebziE3DwgKx0h8Szowtk1ElylNUYqC+bRPL0xc
+aUY7IwfNdqDq8k/KRq06GKkdfAGVI5/UW9Vg2HuTVj8URyR9mMOPH82cG/FLju0A
+fe4dAgMBAAGjUzBRMB0GA1UdDgQWBBSdAtYn/aiQ2VWu5YxaNJfukI5OqTAfBgNV
+HSMEGDAWgBSdAtYn/aiQ2VWu5YxaNJfukI5OqTAPBgNVHRMBAf8EBTADAQH/MA0G
+CSqGSIb3DQEBCwUAA4IBAQAMTEpQK2asxSBQiGFl1fI1SLycOE1LAu6Fzh/1rzOY
+5LRRiLrFbp1DUYvdQvLSDKIztQnFGpZ94ZopZ6ynNbWNJwuZdb1qj6aQ1fEknal1
+pl2wAf+8raGbs/3GDYd0YaVzTlACsPX/DaUj2tchaxlsQaHdRhsz/PHaKPi6AXQk
+fYh+sfHgFX4ZmCi5SieGxak/tU7635R1cF+2j8lbepqkbTYgbPVJCH5VmQp0Jp41
+m9OfrH2hgEziFGmadlMd5fMmY4GjWJ/kBixKyXbDM1F+IF3q/kbeIYa1DpG0evgi
+keWOA9rdsmxOBJnQTHzfP3PADbBDhpduh6nASBeGsZ19
+-----END CERTIFICATE-----

nginx/ssl/nginx.key

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCWUpy/ZcJadapN
+mSGxtDJpg8e2/KCh4T7iUh90i9g4xZ+0Aq61GXs6pjemTQ11Pq2vW+g2+Ax9Ah98
+MbW7cGNiRZknG9aiIez2FXBjx6MyPmXtvWu57VHbom7rHbASxJmo1hFovbgIlxYL
+9CKKPydW8LmvDg3Umfx4PAwRGTJzExI78OZDhBCA+0hFRagWH4jbmjPHJtjavImB
+SUCr3V4DdOuS0zcg702Iw/JWPWHpayebziE3DwgKx0h8Szowtk1ElylNUYqC+bRP
+L0xcaUY7IwfNdqDq8k/KRq06GKkdfAGVI5/UW9Vg2HuTVj8URyR9mMOPH82cG/FL
+ju0Afe4dAgMBAAECggEAAVB1mGLOYTYYKBeHqOMXcb66N0pcKS4r+5SWO9GhMVXh
+AJTpbCHt5uRfJjAURwsmP5tBG4HtsgYbul1A5oOkCs7q+OGQbdh4Fuq3EdhEAAN1
+pq96SqTdi1sPNzUKPg/D/Crq+gx2mHSht7cJukW1FViDdxlbW5mBEJgNzvR2cXUc
+zAmVyyWF4YQEwb4Iinpyy3wm63+Z49dmBigsavp2lkLW3rcE3JG7Q2jYEkvDyOux
++ankDd4lsxfXWW1rDBLwiK00TZQ4gqM/RRDTXCWxi0E82pq5tjG0Cj0R/4wTe4da
+eZjXprU03GfQ9FA186hA8wJcUR1IukBhhZcidNE6jQKBgQDK4QDCPufMx6pTeNz4
+TwfowOms2vuMIHAagAwoYpuukL5PD02bjMOVx1IwMwgauATIT/Gl+8psF6KVkSsT
+QiMew1apLqVXAq5YHicpi2atT6z5hV+CjAt3wLzpGcVFDklpGW1f6ALmw/p29tJg
+TWquWaqRlrd/EPqR10HH0qbvbwKBgQC9rsKlQTrbKYAxOCyxVhBa4muLGYHMwN8I
+5I6Y43Ihf3qvejB2rkPrEkMUR+qhlNDAFdybgcSUP0y17QQ9f1Wz0HKMR4qnRzdL
+981rNJ3D1ThaTaO13LSzbZDPBQobaYTMxxMRNpM0e4DtxKaZlhI/9qsIp7hZeTYG
+j0LZP9n1MwKBgGo63rbXUXC8q8cBZlLurumE+dZ043pAEfMOUU9kMrh5Oe0TykNE
+tbTbpYFvdzLmYDqzAYk0Co4G4i8G0FNJMjKNffcgYZrp4HhrcX4jbCQbsCsHVzd4
+NRkDZud3gv/htza9BbROPBaxT5izLP0YDGA2u0V4caSrM0jiOaNz/c0pAoGAb2sY
+KroGOHZINqEon4JOWRRm125EMGGaoT6gBG6Vu9eF2U2M6imy+4HepSsZR5CCjlJJ
+I482SV5lUPfIZddGIDlxD7V2XIwYjycgIrjlcwLr9x9j6o+aFUtmpDPxm+h/eUn2
+iUXlcg6ZzRCWS+E7Fxdtn8flIalxcqj0O2imPsECgYAPtq9N//2YgNeNsljLzUqf
+4K4eC9mvgKhrlfxSIxcnU6cdftV4Q+6UpWH8rB6+/jBYKsR/fYHlWwDdk8I456aG
+cUxYVAH6x/sET1I+79LJJ9bh7Exj4THlohMQPvPAxAghg5d+Ii8iD3cS6mZO5C8e
+4aE8vgCGtzLJoAuEcriPqg==
+-----END PRIVATE KEY-----