-
-
Notifications
You must be signed in to change notification settings - Fork 9
Expand file tree
/
Copy pathDockerfile
More file actions
71 lines (54 loc) · 2.14 KB
/
Copy pathDockerfile
File metadata and controls
71 lines (54 loc) · 2.14 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
# ============================================================
# Stage 1: Build frontend
# ============================================================
FROM oven/bun:1-alpine AS frontend-builder
WORKDIR /app/web
COPY apps/web/package.json apps/web/bun.lock ./
RUN bun install
COPY apps/web/ .
# Vite outputs to ../backend/pb_public (relative to apps/web)
RUN mkdir -p /app/backend/pb_public && bun run build
# ============================================================
# Stage 2: Final image
# ============================================================
FROM alpine:3.20
ARG PB_VERSION=0.25.9
ARG TARGETARCH
ARG UID=1000
ARG GID=1000
RUN apk add --no-cache ca-certificates unzip wget su-exec
# Download PocketBase for the target architecture
RUN set -eux; \
case "$TARGETARCH" in \
amd64) PB_ARCH="amd64" ;; \
arm64) PB_ARCH="arm64" ;; \
arm*) PB_ARCH="armv7" ;; \
*) echo "Unsupported arch: $TARGETARCH" && exit 1 ;; \
esac; \
wget -q \
"https://github.com/pocketbase/pocketbase/releases/download/v${PB_VERSION}/pocketbase_${PB_VERSION}_linux_${PB_ARCH}.zip" \
-O /tmp/pb.zip; \
unzip /tmp/pb.zip pocketbase -d /pb; \
rm /tmp/pb.zip; \
chmod +x /pb/pocketbase
WORKDIR /pb
# Copy backend files (hooks, migrations, product knowledge base)
COPY apps/backend/pb_hooks ./pb_hooks
COPY apps/backend/pb_migrations ./pb_migrations
COPY apps/backend/LLMS.md ./LLMS.md
# Copy built frontend from stage 1
COPY --from=frontend-builder /app/backend/pb_public ./pb_public
# Persistent data directory (mounted as volume at runtime)
RUN mkdir -p pb_data
# Create non-root user with configurable UID/GID
RUN addgroup -g "$GID" zublo && \
adduser -u "$UID" -G zublo -S -D zublo && \
chown -R zublo:zublo /pb
# Entrypoint runs as root to fix volume permissions, then drops to zublo
COPY apps/backend/entrypoint.sh /pb/entrypoint.sh
RUN chmod +x /pb/entrypoint.sh
EXPOSE 9597
HEALTHCHECK --interval=30s --timeout=5s --start-period=15s --retries=3 \
CMD wget -q --spider http://localhost:9597/api/health || exit 1
ENTRYPOINT ["/pb/entrypoint.sh"]
CMD ["serve", "--http=0.0.0.0:9597"]