From 62daab494abee87f9d88981613f673e9e230b405 Mon Sep 17 00:00:00 2001
From: riomoo <alister@kamikishi.net>
Date: Tue, 13 Jan 2026 09:21:39 -0500
Subject: [PATCH] feat and dev merging (#2)

- Plus and Minus button added for modifier
- better WS:// and WSS:// implementation
- dev: readme adjusted

Reviewed-on: https://git.jester-designs.com/riomoo/gofudge/pulls/2
Co-authored-by: riomoo <alister@kamikishi.net>
Co-committed-by: riomoo <alister@kamikishi.net>
---
 Containerfile                 | 38 ++++++++++++++++++++++++++
 Dockerfile                    | 36 -------------------------
 README.md                     | 50 +++++++++++++++++++++++++++++++++++
 app/gofudge/main.go           | 29 ++++++++++++++++----
 run.sh => scripts-bash/run.sh |  0
 5 files changed, 112 insertions(+), 41 deletions(-)
 create mode 100644 Containerfile
 delete mode 100644 Dockerfile
 rename run.sh => scripts-bash/run.sh (100%)

diff --git a/Containerfile b/Containerfile
new file mode 100644
index 0000000..bb9a96b
--- /dev/null
+++ b/Containerfile
@@ -0,0 +1,38 @@
+# Build stage
+FROM golang:alpine AS builder
+
+# Install build dependencies and UPX
+RUN apk add --no-cache \
+    musl-dev \
+    gcc \
+    wget \
+    xz \
+    git
+
+RUN wget https://github.com/upx/upx/releases/download/v5.0.2/upx-5.0.2-amd64_linux.tar.xz && \
+    tar -xf upx-5.0.2-amd64_linux.tar.xz && \
+    mv upx-5.0.2-amd64_linux/upx /usr/local/bin/upx && \
+    rm -r upx-5.0.2-amd64_linux upx-5.0.2-amd64_linux.tar.xz
+
+WORKDIR /app
+
+# Copy go mod files first for better layer caching
+COPY go.mod ./
+RUN go mod download
+
+# Copy source code
+COPY . .
+
+# Create necessary directories, build, and compress with UPX
+RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -ldflags="-s -w -extldflags '-static' -X main.GOMEMLIMIT=50MiB -X runtime.defaultGOGC=50" -trimpath -gcflags="-l=4" -asmflags=-trimpath -o bin/main app/gofudge/main.go
+RUN upx --best --ultra-brute bin/main
+RUN chmod +x bin/main
+
+FROM scratch
+WORKDIR /app
+
+# Copy only the built binary and necessary directories
+COPY --from=builder /app/bin/main ./bin/main
+
+EXPOSE 8080
+ENTRYPOINT ["/app/bin/main"]
diff --git a/Dockerfile b/Dockerfile
deleted file mode 100644
index fba9f9e..0000000
--- a/Dockerfile
+++ /dev/null
@@ -1,36 +0,0 @@
-# Build stage
-FROM golang:bookworm AS builder
-
-# Install UPX
-RUN apt-get update && apt-get install -y wget xz-utils && rm -rf /var/lib/apt/lists/*
-
-# Download the latest UPX binary directly from GitHub
-RUN wget https://github.com/upx/upx/releases/download/v5.0.2/upx-5.0.2-amd64_linux.tar.xz
-RUN tar -xf upx-5.0.2-amd64_linux.tar.xz && mv upx-5.0.2-amd64_linux/upx /usr/local/bin/upx && rm -r upx-5.0.2-amd64_linux upx-5.0.2-amd64_linux.tar.xz
-
-# Create a simple Go web server
-WORKDIR /app
-
-# Copy go mod files first for better layer caching
-COPY go.mod ./
-RUN go mod download
-
-# Copy source code
-COPY . .
-
-# Create necessary directories, build, and compress with UPX
-RUN mkdir -p /var/sockets
-RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -a -ldflags="-s -w -extldflags '-static' -X main.GOMEMLIMIT=50MiB -X runtime.defaultGOGC=150" -trimpath -gcflags="-l=4" -asmflags=-trimpath -o bin/main app/gofudge/main.go
-RUN upx --best --ultra-brute bin/main
-RUN chmod +x bin/main
-
-# Final stage with Chainguard static
-FROM cgr.dev/chainguard/static:latest
-WORKDIR /app
-
-# Copy only the built binary and necessary directories
-COPY --from=builder /app/bin/main ./bin/main
-
-EXPOSE 8080
-USER nonroot:nonroot
-CMD ["./bin/main"]
diff --git a/README.md b/README.md
index a4d3417..6c15b50 100644
--- a/README.md
+++ b/README.md
@@ -30,18 +30,68 @@ A Fudge Dice rolling room programmed in Go
 ```
 upstream gofudge {
         server 127.0.0.1:8080;
+        #server 127.0.0.1:12007; #For Podman instead
         server [::1]:8080;
+        #server [::1]:12007; #For Podman instead
 }
 server {
         listen 80;
         listen [::1]:80;
         server_name fudge.example.com;
+        location /ws {
+                proxy_pass http://gofudge;
+                proxy_http_version 1.1;
+                
+                # WebSocket upgrade headers
+                proxy_set_header Upgrade $http_upgrade;
+                proxy_set_header Connection "upgrade";
+                
+                # Standard proxy headers
+                proxy_set_header Host $host;
+                proxy_set_header X-Real-IP $remote_addr;
+                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+                proxy_set_header X-Forwarded-Proto $scheme;
+                
+                # WebSocket timeout settings (increase for long-lived connections)
+                proxy_connect_timeout 7d;
+                proxy_send_timeout 7d;
+                proxy_read_timeout 7d;
+                
+                # Disable buffering for WebSocket
+                proxy_buffering off;
+                
+                # Security headers
+                add_header X-Content-Type-Options nosniff;
+                add_header X-Frame-Options DENY;
+                add_header X-XSS-Protection "1; mode=block";
+                add_header Referrer-Policy "strict-origin-when-cross-origin";
+        }
         location / {
                 proxy_pass http://gofudge;
                 proxy_set_header Host $host;
                 proxy_set_header X-Real-IP $remote_addr;
                 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                 proxy_set_header X-Forwarded-Proto $scheme;
+
+                # Connection keep-alive for better performance
+                proxy_http_version 1.1;
+                proxy_set_header Connection "";
+
+                # Timeouts optimized for your simple site
+                proxy_connect_timeout 5s;
+                proxy_send_timeout 10s;
+                proxy_read_timeout 10s;
+
+                # Enable buffering for better compression
+                proxy_buffering on;
+                proxy_buffer_size 4k;
+                proxy_buffers 8 4k;
+
+                # Security headers
+                add_header X-Content-Type-Options nosniff;
+                add_header X-Frame-Options DENY;
+                add_header X-XSS-Protection "1; mode=block";
+                add_header Referrer-Policy "strict-origin-when-cross-origin";
         }
 }
 ```
diff --git a/app/gofudge/main.go b/app/gofudge/main.go
index 11b7336..c87e7de 100644
--- a/app/gofudge/main.go
+++ b/app/gofudge/main.go
@@ -506,10 +506,14 @@ func handleRoom(w http.ResponseWriter, r *http.Request) {
 
         <div class="roll-section">
             <h2 style="margin-bottom: 15px;">Roll Dice</h2>
-            <div class="roll-controls">
-                <input type="number" id="modifier" placeholder="Modifier (±)" value="0">
-                <button onclick="rollDice()">Roll Fuge Dice</button>
-            </div>
+		<div class="roll-controls">
+		    <div style="display: flex; gap: 5px; align-items: center;">
+			<button onclick="adjustModifier(-1)" style="flex: 0 0 40px; padding: 10px;">−</button>
+			<input type="text" id="modifier" class="modifier-input" placeholder="Modifier (±)" value="0" style="flex: 0 0 100px;">
+			<button onclick="adjustModifier(1)" style="flex: 0 0 40px; padding: 10px;">+</button>
+		    </div>
+		    <button onclick="rollDice()">Roll Fudge Dice</button>
+		</div>
         </div>
 
         <div class="history">
@@ -525,7 +529,7 @@ func handleRoom(w http.ResponseWriter, r *http.Request) {
     <script>
         const roomId = '{{.RoomID}}';
         const username = '{{.Username}}';
-        const ws = new WebSocket('ws://' + window.location.host + '/ws?room=' + roomId + '&username=' + encodeURIComponent(username));
+	const ws = new WebSocket((window.location.protocol === 'https:' ? 'wss://' : 'ws://') + window.location.host + '/ws?room=' + roomId + '&username=' + encodeURIComponent(username));
 
         document.getElementById('inviteLink').textContent = window.location.origin + '/room/' + roomId;
 
@@ -533,6 +537,21 @@ func handleRoom(w http.ResponseWriter, r *http.Request) {
             navigator.clipboard.writeText(window.location.origin + '/room/' + roomId);
             alert('Invite link copied!');
         }
+	function adjustModifier(amount) {
+		const input = document.getElementById('modifier');
+		const currentValue = parseInt(input.value) || 0;
+		input.value = currentValue + amount;
+	}
+
+	document.addEventListener('DOMContentLoaded', function() {
+	    document.getElementById('modifier').addEventListener('input', function(e) {
+		// Allow empty, minus sign, and numbers
+		if (e.target.value !== '' && e.target.value !== '-' && isNaN(parseInt(e.target.value))) {
+		    e.target.value = e.target.value.slice(0, -1);
+		}
+	    });
+	});
+
 
         ws.onmessage = function(event) {
             const msg = JSON.parse(event.data);
diff --git a/run.sh b/scripts-bash/run.sh
similarity index 100%
rename from run.sh
rename to scripts-bash/run.sh