0466ef9e5c
Added comprehensive security rules to all nginx configurations: Dev proxy (nginx/conf.d/default.conf): - Block dotfiles and .git directory - Block .env* files and config files - Block node_modules, docker configs, package files - Block backup files (.bak, .swp, ~) Prod proxy (nginx/conf.d.prod/default.conf): - All dev security rules - Added security headers (X-Frame-Options, CSP, etc.) - Strict CSP with frame-ancestors 'none' Frontend container (frontend/nginx.conf): - Block dotfiles and sensitive config files - Block node_modules and build configs - Added security headers All blocked paths return 404 and disable logging to avoid log spam. Blocks: .env*, .git, node_modules, docker*, package*.json, prisma, backup*, *.bak, *.swp, tsconfig.json, and more.
React + Vite
This template provides a minimal setup to get React working in Vite with HMR and some ESLint rules.
Currently, two official plugins are available:
- @vitejs/plugin-react uses Babel (or oxc when used in rolldown-vite) for Fast Refresh
- @vitejs/plugin-react-swc uses SWC for Fast Refresh
React Compiler
The React Compiler is not enabled on this template because of its impact on dev & build performances. To add it, see this documentation.
Expanding the ESLint configuration
If you are developing a production application, we recommend using TypeScript with type-aware lint rules enabled. Check out the TS template for information on how to integrate TypeScript and typescript-eslint in your project.