infra: .dockerignore, remove exposed port, healthcheck, pin caddy

- add repo-root .dockerignore (target, node_modules, .git, dist) - colony: expose instead of ports (internal network only) - colony: healthcheck via /api/health - caddy: pin to 2.11, mount Caddyfile read-only - caddy: depends_on service_healthy Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-29 20:30:27 +02:00
parent 17cca7b077
commit 49131a38e0
2 changed files with 21 additions and 5 deletions
--- a/.dockerignore
+++ b/.dockerignore
@@ -0,0 +1,9 @@
+target/
+**/node_modules/
+**/dist/
+.git/
+*.db
+*.db-wal
+*.db-shm
+.claude/
+docs/