grafana e prometeus

2025-04-03 16:43:30 -03:00
parent 8ba6f345c7
commit b7e5cb64aa
35 changed files with 962 additions and 942 deletions
--- a/src/main.ts
+++ b/src/main.ts
@@ -4,12 +4,30 @@ import { ValidationPipe } from '@nestjs/common';
 import { ResponseInterceptor } from './common/response.interceptor';
 import { DocumentBuilder, SwaggerModule } from '@nestjs/swagger';
 import helmet from 'helmet';
+import { NestExpressApplication } from '@nestjs/platform-express';
+import { join } from 'path';

 async function bootstrap() {
-  const app = await NestFactory.create(AppModule);
+  const app = await NestFactory.create<NestExpressApplication>(AppModule);

-  // Adicionar Helmet para proteção de cabeçalhos HTTP
-  app.use(helmet());
+  app.use(helmet({
+    contentSecurityPolicy: {
+      directives: {
+        defaultSrc: [`'self'`],
+        scriptSrc: [`'self'`, `'unsafe-inline'`, 'cdn.jsdelivr.net', 'cdnjs.cloudflare.com'],
+        styleSrc: [`'self'`, `'unsafe-inline'`, 'cdnjs.cloudflare.com'],
+        imgSrc: [`'self'`, 'data:'],
+        connectSrc: [`'self'`],
+        fontSrc: [`'self'`, 'cdnjs.cloudflare.com'],
+      },
+    },
+  }));
+  
+  // Configurar pasta de arquivos estáticos
+  app.useStaticAssets(join(__dirname, '..', 'public'), {
+    index: false,
+    prefix: '/dashboard',
+  });
  
  app.useGlobalInterceptors(new ResponseInterceptor());
  
@@ -21,13 +39,11 @@ async function bootstrap() {
      transformOptions: {
        enableImplicitConversion: true,
      },
-      // Tornar validações mais rigorosas
      forbidUnknownValues: true,
      disableErrorMessages: process.env.NODE_ENV === 'production',
    }),
  );

-  // Configuração CORS mais restritiva
  app.enableCors({
    origin: process.env.NODE_ENV === 'production' 
      ? ['https://seu-dominio.com', 'https://admin.seu-dominio.com'] 
@@ -49,5 +65,7 @@ async function bootstrap() {
  SwaggerModule.setup('docs', app, document); 

  await app.listen(8066);
+  
+
 }
 bootstrap();