-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
58 lines (46 loc) · 1.99 KB
/
Dockerfile
File metadata and controls
58 lines (46 loc) · 1.99 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
# ── Build stage ────────────────────────────────────────────
FROM node:22-alpine AS builder
WORKDIR /app
# Build-time-ONLY placeholders. NextAuth and the settings vault import their
# secrets at module-init time, so `next build` needs *some* value present.
# These values are NOT inherited by the runner stage and never ship in the
# final image. Real secrets must be supplied at runtime via --env-file,
# Docker secrets, or an orchestrator (Compose / K8s / Fly / etc.).
ARG AUTH_SECRET=build-time-placeholder-not-a-real-secret
ARG OPENSEO_ENCRYPTION_KEY=QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUE=
ENV AUTH_SECRET=$AUTH_SECRET
ENV OPENSEO_ENCRYPTION_KEY=$OPENSEO_ENCRYPTION_KEY
COPY package.json package-lock.json .npmrc ./
COPY prisma ./prisma
RUN npm ci
RUN npx prisma generate
COPY . .
RUN npm run build
# ── Production stage ──────────────────────────────────────
FROM node:22-alpine AS runner
WORKDIR /app
ENV NODE_ENV=production
# NO AUTH_SECRET / OPENSEO_ENCRYPTION_KEY defaults here on purpose.
# The server's instrumentation hook refuses to boot unless both are supplied
# at runtime.
# Install only production dependencies
COPY package.json package-lock.json .npmrc ./
COPY prisma ./prisma
RUN npm ci --omit=dev
# Re-generate Prisma client for production deps
RUN npx prisma generate
# Copy build output and static assets
COPY --from=builder /app/.next ./.next
COPY --from=builder /app/public ./public
COPY --from=builder /app/next.config.ts ./
COPY --from=builder /app/instrumentation.ts ./
COPY --from=builder /app/tsconfig.json ./
# Copy source for standalone worker (tsx runs TypeScript directly)
COPY --from=builder /app/src ./src
# Create uploads directory for local storage
RUN mkdir -p /app/uploads
COPY docker-entrypoint.sh ./
RUN chmod +x docker-entrypoint.sh
EXPOSE 3000
ENTRYPOINT ["./docker-entrypoint.sh"]
CMD ["npm", "start"]