d

2026-03-05 21:35:59 +00:00
parent f6608eee87
commit 3824bddbb5
73 changed files with 6971 additions and 0 deletions
--- a/zeshancv/Dockerfile
+++ b/zeshancv/Dockerfile
@@ -0,0 +1,23 @@
+FROM caddy:2-alpine
+
+# Copy your static site into Caddy's default web root
+COPY . /usr/share/caddy
+# CIS: Install dependencies (curl for healthcheck, libcap for permissions)
+RUN apk add --no-cache curl libcap \
+    && setcap 'cap_net_bind_service=+ep' /usr/bin/caddy \
+    && apk del libcap
+
+# CIS: Set working directory
+WORKDIR /usr/share/caddy
+
+# CIS: Copy site content with ownership for the non-root user
+COPY --chown=caddy:caddy . .
+
+# CIS: Run as non-root user
+USER caddy
+
+# CIS: Add healthcheck
+HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
+    CMD curl -f http://localhost:80/ || exit 1
+
+EXPOSE 80