add example in docker-compose, clarify README, add clearer validation, longer timeouts for websocket connections

README.md

@@ -114,19 +114,23 @@ docker compose up -d
 # Access the frontend at localhost:6767
 ```
 
-### Reverse proxy / Traefik setups
+### Reverse Proxy / Traefik Setups (Docker)
 
-When ExcaliDash runs behind Traefik, Nginx, or another reverse proxy, configure both containers so that API + WebSocket calls resolve correctly:
+When running ExcaliDash behind Traefik, Nginx, or another reverse proxy, configure both containers so that API + WebSocket calls resolve correctly:
 
-- `FRONTEND_URL` (backend) must match the public URL that users hit (e.g. `https://excalidraw.example.com`). This controls CORS and Socket.IO origin checks.
+- `FRONTEND_URL` (backend) must match the public URL that users hit (e.g. `https://excalidash.example.com`). This controls CORS and Socket.IO origin checks.
 - `BACKEND_URL` (frontend) tells the Nginx container how to reach the backend from inside Docker/Kubernetes. Override it if your reverse proxy exposes the backend under a different hostname.
 
 ```yaml
+# docker-compose.yml example
 backend:
   environment:
-    - FRONTEND_URL=https://excalidraw.example.com
+    - FRONTEND_URL=https://excalidash.example.com
 frontend:
   environment:
+    # For standard Docker Compose (default)
+    # - BACKEND_URL=backend:8000
+    # For Kubernetes, use the service DNS name:
     - BACKEND_URL=excalidash-backend.default.svc.cluster.local:8000
 ```
 

docker-compose.yml

@@ -33,6 +33,8 @@ services:
     ports:
       - "6767:80"
     environment:
+      # Backend URL for nginx proxy (host:port format, no protocol)
+      # Override for reverse proxy setups (e.g., excalidash-backend.svc.cluster.local:8000)
       - BACKEND_URL=backend:8000
     depends_on:
       - backend

frontend/docker-entrypoint.sh

@@ -1,7 +1,8 @@
 #!/bin/sh
+# Alpine-based image uses /bin/sh (busybox ash), not bash
 set -e
 
-# Set default backend URL if not provided
+# Set default backend URL if not provided (host:port format, no protocol)
 export BACKEND_URL="${BACKEND_URL:-backend:8000}"
 
 echo "Configuring nginx with BACKEND_URL: ${BACKEND_URL}"
@@ -11,7 +12,11 @@ echo "Configuring nginx with BACKEND_URL: ${BACKEND_URL}"
 envsubst '${BACKEND_URL}' < /etc/nginx/nginx.conf.template > /etc/nginx/nginx.conf
 
 # Validate the generated nginx configuration before starting
-nginx -t -c /etc/nginx/nginx.conf
+echo "Validating nginx configuration..."
+if ! nginx -t -c /etc/nginx/nginx.conf; then
+    echo "ERROR: nginx configuration validation failed" >&2
+    exit 1
+fi
 
 # Execute the main command (nginx)
-exec "$@"
+exec "$@"

frontend/nginx.conf.template

@@ -27,7 +27,7 @@ http {
             proxy_pass http://${BACKEND_URL}/;
             proxy_http_version 1.1;
             proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection "upgrade";
+            proxy_set_header Connection 'upgrade';
             proxy_set_header Host $host;
             proxy_cache_bypass $http_upgrade;
             proxy_set_header X-Real-IP $remote_addr;
@@ -52,12 +52,16 @@ http {
             proxy_pass http://${BACKEND_URL}/socket.io/;
             proxy_http_version 1.1;
             proxy_set_header Upgrade $http_upgrade;
-            proxy_set_header Connection "upgrade";
+            proxy_set_header Connection 'upgrade';
             proxy_set_header Host $host;
             proxy_cache_bypass $http_upgrade;
             proxy_set_header X-Real-IP $remote_addr;
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
             proxy_set_header X-Forwarded-Proto $scheme;
+            
+            # Longer timeouts for WebSocket connections
+            proxy_read_timeout 3600s;
+            proxy_send_timeout 3600s;
         }
 
         # Frontend routes
@@ -71,4 +75,4 @@ http {
             add_header Cache-Control "public, immutable";
         }
     }
-}
+}