Using Docker to publish razor wasm

Using Docker to publish razor wasm

The files compiled by Blazor are static files, so we only need a web server that supports static pages.
According to different projects, it will be arranged in different containers. For example, this article will show how to pack into docker step by step when there is no gateway

demand
HTTPS
Since there is no gateway and it is directly facing the Internet, HTTPS is particularly important

HTTP/2 TLS3.0
Since both are static resources, the purpose of using H2 and TLS3.0 is to further speed up loading

Compress
The purpose of static resource compression is still to further speed up the loading speed. The compression options are Brotli and Gzip compression

Dockerfile
The official Nginx image does not support Brotli by default
Therefore, you need to prepare an image with Brotli support. Here, we recommend using the boastful Nginx image, which not only uses the latest openssl compilation (to avoid vulnerability), but also supports TLS1.3 http2 brotli and the default East eight time zone. In addition, there are configuration examples in the configuration file. Welcome to Docker Hub rsnow/nginx to learn more.

Release razor wasm
As of May 26, 2020, VS can't directly publish razor wasm to Docker image warehouse, so it can only pack by itself

Release first, no more details
Create a Dockerfile in the project root directory
FROM rsnow/nginx:amd64-1.18.0
RUN rm /usr/share/nginx/html/index.html && \

echo -e 'server { \n\
listen       443 ssl http2; \n\
server_name  localhost; \n\
brotli on; \n\
brotli_comp_level 6; \n\
brotli_types application/wasm application/octet-stream text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript image/svg+xml; \n\
gzip on; \n\
gzip_vary on; \n\
gzip_proxied any; \n\
gzip_comp_level 6; \n\
gzip_types application/wasm application/octet-stream text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml; \n\
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; \n\
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; \n\
ssl_trusted_certificate /etc/letsencrypt/live/example.com/chain.pem; \n\
ssl_dhparam /etc/certs/dhparam.pem; \n\
ssl_session_timeout 1d; \n\
ssl_session_cache shared:SSL:10m;  about 40000 sessions \n\
ssl_session_tickets off; \n\
ssl_protocols TLSv1.3; \n\
ssl_prefer_server_ciphers off; \n\
ssl_stapling on; \n\
ssl_stapling_verify on; \n\
resolver 1.1.1.1 1.0.0.1 8.8.8.8 8.8.4.4 208.67.222.222 208.67.220.220 valid=60s; \n\
resolver_timeout 2s; \n\
add_header X-Frame-Options "SAMEORIGIN" always; \n\
add_header X-XSS-Protection "1; mode=block" always; \n\
add_header X-Content-Type-Options "nosniff" always; \n\
add_header Referrer-Policy "no-referrer-when-downgrade" always; \n\
add_header Content-Security-Policy "default-src \'self\' http: https: data: blob: \'unsafe-inline\'" always; \n\
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always; \n\    
location / { \n\
    root   /usr/share/nginx/html; \n\
    try_files $uri $uri/ /index.html =404; \n\
} \n\

} n\
' > /etc/nginx/conf.d/default.conf
COPY ./bin/Release/netstandard2.1/publish/wwwroot /usr/share/nginx/html/
We use the custom conf to override the default conf (the simplest case)

There is only one virtual host in the whole Nginx Container, so the server_name whatever the value, the request will point to this unique virtual host
If there is a gateway, you can turn off cross domain, HTTPS and other configurations, because these content gateways will cover
Because this example shows the simplest case, it does not use volume. If there is container interconnection and external certificates are loaded, the configuration file can create mount points according to the actual situation.
Both gz and br have added support for application / wasm application / octet stream
Images
If you have a Dockerfile, start to generate an image

docker build -t example.com/testnginxblazor:latest .
Upload to warehouse if necessary

docker push example.com/testnginxblazor:latest
Run
Create and run containers based on the created images

docker run \

-d \
--name nginxblazor \
-p 443:443 \
-v /test/fullchain.pem : /etc/letsencrypt/live/example.com/fullchain.pem \
-v /test/privkey.pem : /etc/letsencrypt/live/example.com/privkey.pem \
-v /test/chain.pem : /etc/letsencrypt/live/example.com/chain.pem \
-v /test/dhparam.pem : /etc/certs/dhparam.pem \
example.com/testnginxblazor

statement
This article uses knowledge sharing signatures - non commercial use - the same way to share the 2.5 mainland China license agreement for permission, published in CSDN and blog Garden, welcome readers to reprint, but without the consent of the author, we must retain this statement and give the original connection in the obvious position of the article page. Please respect copyright

Original address https://www.cnblogs.com/chasingdreams2017/p/12984025.html

Tags: Web Server Nginx xml Docker Javascript

Posted on Thu, 28 May 2020 18:53:24 -0700 by matt_wilkes