Add Dockerfile and docker-compose.yml for containerized setup; create .dockerignore (#6)

.dockerignore

@@ -0,0 +1,36 @@
+# Git files
+.git
+.gitignore
+.github
+
+# Build artifacts
+server
+src/bin/
+*.o
+
+# Log files
+log/
+*.log
+
+# IDE and editor files
+.vscode/
+.idea/
+*.swp
+*.swo
+*~
+
+# Documentation (except what we explicitly COPY)
+*.md
+!README.md
+!DOCUMENTATION.md
+
+# SSL certificates (mount these as volumes)
+ssl/
+
+# OS files
+.DS_Store
+Thumbs.db
+
+# Test files
+test/
+tests/

Dockerfile

@@ -0,0 +1,61 @@
+FROM debian:bookworm-slim AS builder
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    apt-utils \
+    gcc \
+    make \
+    libssl-dev \
+    libmagic-dev \
+    libnghttp2-dev \
+    pkg-config \
+    build-essential \
+    && rm -rf /var/lib/apt/lists/*
+
+
+WORKDIR /build
+
+COPY src/ ./src/
+COPY Makefile .
+COPY server.conf .
+
+RUN make clean && make release
+
+FROM debian:bookworm-slim
+
+ENV DEBIAN_FRONTEND=noninteractive
+
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    apt-utils \
+    libssl3 \
+    libmagic1 \
+    libnghttp2-14 \
+    ca-certificates \
+    curl \
+    && rm -rf /var/lib/apt/lists/*
+
+
+RUN useradd -m -u 1000 -s /bin/bash carbon
+
+WORKDIR /app
+RUN mkdir -p /app/www /app/log /app/ssl/cert && \
+    chown -R carbon:carbon /app
+
+COPY --from=builder /build/server /app/
+COPY --from=builder /build/server.conf /app/
+
+COPY www/ ./www/
+
+COPY README.md DOCUMENTATION.md LICENSE ./
+
+RUN chown -R carbon:carbon /app
+
+USER carbon
+
+EXPOSE 8080 8443
+
+HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
+    CMD curl -f http://localhost:8080/ || exit 1
+
+CMD ["./server"]

docker-compose.yml

@@ -0,0 +1,48 @@
+version: '3.8'
+
+services:
+  carbon-server:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    container_name: carbon-http-server
+    ports:
+      - "8080:8080"   # HTTP port
+      - "8443:8443"   # HTTPS port
+    volumes:
+      # Mount www directory for easy content updates
+      - ./www:/app/www:ro
+      # Mount log directory to persist logs
+      - ./log:/app/log
+      # Mount SSL certificates if using HTTPS
+      - ./ssl:/app/ssl:ro
+      # Mount config file
+      - ./server.conf:/app/server.conf:ro
+    environment:
+      - TZ=UTC
+    restart: unless-stopped
+    networks:
+      - carbon-net
+    # Resource limits
+    deploy:
+      resources:
+        limits:
+          cpus: '2'
+          memory: 512M
+        reservations:
+          cpus: '0.5'
+          memory: 128M
+    # Security options
+    security_opt:
+      - no-new-privileges:true
+    cap_drop:
+      - ALL
+    cap_add:
+      - NET_BIND_SERVICE
+    read_only: true
+    tmpfs:
+      - /tmp
+
+networks:
+  carbon-net:
+    driver: bridge