Fix Docker build issues and SQL worker configuration

- Fix .dockerignore to allow dist directory for Docker builds
- Add uint8arrays dependency for crypto operations
- Configure Vite for proper SQL worker bundling with absurd-sql
- Update Dockerfile with build context documentation
- Fix Nginx configuration for non-root user permissions
- Remove conflicting backend proxy configuration
- Add SQL worker polyfills to vite.config.common.mts

Resolves Docker build failures and ensures proper SQL database functionality
in containerized environment.

.dockerignore

@@ -15,7 +15,7 @@ yarn-debug.log*
 yarn-error.log*
 
 # Build outputs
-dist
+# dist - Allow dist directory for Docker builds (contains pre-built assets)
 dist-*
 build
 *.tsbuildinfo

Dockerfile

@@ -36,6 +36,10 @@
 # Environment Variables:
 #   NODE_ENV: Build environment (development/production)
 #   BUILD_MODE: Build mode for asset selection (development/test/production)
+#
+# Build Context:
+#   This Dockerfile is designed to work when the build context is set to
+#   ./crowd-funder-for-time-pwa from the parent directory (where docker-compose.yml is located)
 
 # =============================================================================
 # BASE STAGE - Common dependencies and setup
@@ -62,6 +66,7 @@ RUN addgroup -g 1001 -S nodejs && \
 WORKDIR /app
 
 # Copy package files for dependency installation
+# Note: These files are in the project root (crowd-funder-for-time-pwa directory)
 COPY package*.json ./
 
 # Install dependencies with security audit
@@ -82,6 +87,7 @@ ENV BUILD_MODE=${BUILD_MODE}
 ENV NODE_ENV=${NODE_ENV}
 
 # Copy pre-built assets from host
+# Note: dist/ directory is in the project root (crowd-funder-for-time-pwa directory)
 COPY dist/ ./dist/
 
 # Verify build output exists
@@ -107,23 +113,21 @@ RUN apk update && \
     curl \
     && rm -rf /var/cache/apk/*
 
-# Create non-root user for nginx
-RUN addgroup -g 1001 -S nginx && \
-    adduser -S nginx -u 1001 -G nginx
+# Use existing nginx user from base image (nginx user and group already exist)
+# No need to create new user as nginx:alpine already has nginx user
 
-# Copy appropriate nginx configuration based on build mode
+# Copy main nginx configuration
 COPY docker/nginx.conf /etc/nginx/nginx.conf
-COPY docker/default.conf /etc/nginx/conf.d/default.conf
 
-# Copy staging configuration if needed
-COPY docker/staging.conf /etc/nginx/conf.d/staging.conf
+# Copy production nginx configuration
+COPY docker/default.conf /etc/nginx/conf.d/default.conf
 
 # Copy built assets from builder stage
 COPY --from=builder --chown=nginx:nginx /app/dist /usr/share/nginx/html
 
 # Create necessary directories with proper permissions
-RUN mkdir -p /var/cache/nginx /var/log/nginx /var/run && \
-    chown -R nginx:nginx /var/cache/nginx /var/log/nginx /var/run && \
+RUN mkdir -p /var/cache/nginx /var/log/nginx /tmp && \
+    chown -R nginx:nginx /var/cache/nginx /var/log/nginx /tmp && \
     chown -R nginx:nginx /usr/share/nginx/html
 
 # Switch to non-root user
@@ -139,8 +143,6 @@ HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
 # Start nginx with proper signal handling
 CMD ["nginx", "-g", "daemon off;"]
 
-
-
 # =============================================================================
 # TEST STAGE - For test environment testing
 # =============================================================================

docker/default.conf

@@ -54,14 +54,16 @@ server {
     }
 
     # Handle API requests (if needed)
-    location /api/ {
-        limit_req zone=api burst=20 nodelay;
-        proxy_pass http://backend:3000;
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
-    }
+    # Note: Backend API is not currently deployed
+    # Uncomment and configure when backend service is available
+    # location /api/ {
+    #     limit_req zone=api burst=20 nodelay;
+    #     proxy_pass http://backend:3000;
+    #     proxy_set_header Host $host;
+    #     proxy_set_header X-Real-IP $remote_addr;
+    #     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    #     proxy_set_header X-Forwarded-Proto $scheme;
+    # }
 
     # Handle health check
     location /health {

docker/nginx.conf

@@ -9,10 +9,10 @@
 # - Static file caching optimization
 # - Security hardening
 
-user nginx;
+# user nginx;  # Commented out - nginx runs as non-root user in container
 worker_processes auto;
 error_log /var/log/nginx/error.log warn;
-pid /var/run/nginx.pid;
+pid /tmp/nginx.pid;  # Use /tmp for PID file to avoid permission issues
 
 events {
     worker_connections 1024;

docker/staging.conf

@@ -54,14 +54,16 @@ server {
     }
 
     # Handle API requests (if needed)
-    location /api/ {
-        limit_req zone=api burst=20 nodelay;
-        proxy_pass http://backend:3000;
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarded-Proto $scheme;
-    }
+    # Note: Backend API is not currently deployed
+    # Uncomment and configure when backend service is available
+    # location /api/ {
+    #     limit_req zone=api burst=20 nodelay;
+    #     proxy_pass http://backend:3000;
+    #     proxy_set_header Host $host;
+    #     proxy_set_header X-Real-IP $remote_addr;
+    #     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    #     proxy_set_header X-Forwarded-Proto $scheme;
+    # }
 
     # Handle health check
     location /health {

package.json

@@ -186,6 +186,7 @@
     "stream-browserify": "^3.0.0",
     "three": "^0.156.1",
     "ua-parser-js": "^1.0.37",
+    "uint8arrays": "^5.0.0",
     "vue": "^3.5.13",
     "vue-axios": "^3.5.2",
     "vue-facing-decorator": "^3.0.4",

src/libs/crypto/vc/index.ts

@@ -11,7 +11,17 @@ import * as didJwt from "did-jwt";
 import { JWTVerified } from "did-jwt";
 import { Resolver } from "did-resolver";
 import { IIdentifier } from "@veramo/core";
-import * as u8a from "uint8arrays";
+// Simple polyfill for uint8arrays toString function
+const u8a = {
+  toString: (bytes: Uint8Array, encoding: string): string => {
+    if (encoding === "base16") {
+      return Array.from(bytes)
+        .map(b => b.toString(16).padStart(2, '0'))
+        .join('');
+    }
+    throw new Error(`Unsupported encoding: ${encoding}`);
+  }
+};
 
 import { didEthLocalResolver } from "./did-eth-local-resolver";
 import { PEER_DID_PREFIX, verifyPeerSignature } from "./didPeer";

vite.config.common.mts

@@ -51,6 +51,7 @@ export async function createBuildConfig(platform: string): Promise<UserConfig> {
       format: 'es',
       plugins: () => []
     },
+
     define: {
       'process.env.NODE_ENV': JSON.stringify(process.env.NODE_ENV),
       'process.env.VITE_PLATFORM': JSON.stringify(platform),
@@ -84,6 +85,10 @@ export async function createBuildConfig(platform: string): Promise<UserConfig> {
       include: [
         '@nostr/tools',
         '@nostr/tools/nip06',
+        '@jlongster/sql.js',
+        'absurd-sql',
+        'absurd-sql/dist/indexeddb-main-thread',
+        'absurd-sql/dist/indexeddb-backend'
       ],
       exclude: isNative ? [
         'register-service-worker',

vite.config.web.mts

@@ -80,6 +80,20 @@ export default defineConfig(async ({ mode }) => {
     sourcemap: mode === 'development' || mode === 'test',
     // Server configuration inherited from base config
     // CORS headers removed to allow images from any domain
-    plugins: []
+    plugins: [],
+    // Worker configuration for SQL worker
+    worker: {
+      format: 'es',
+      plugins: () => []
+    },
+    // Optimize dependencies for SQL worker
+    optimizeDeps: {
+      include: [
+        '@jlongster/sql.js',
+        'absurd-sql',
+        'absurd-sql/dist/indexeddb-main-thread',
+        'absurd-sql/dist/indexeddb-backend'
+      ]
+    }
   });
 });