# Build stage FROM node:22-alpine AS builder RUN corepack enable && corepack prepare pnpm@10.24.0 --activate WORKDIR /app # Copy ALL workspace package.json files for lockfile resolution COPY package.json pnpm-workspace.yaml pnpm-lock.yaml ./ COPY apps/server/package.json ./apps/server/ COPY apps/web/package.json ./apps/web/ COPY apps/mobile/package.json ./apps/mobile/ COPY packages/shared/package.json ./packages/shared/ COPY packages/test-utils/package.json ./packages/test-utils/ # Install dependencies RUN pnpm install --frozen-lockfile # Copy source code COPY . . # Build only production packages (excludes test-utils, mobile) RUN pnpm turbo run build --filter=@tracearr/shared --filter=@tracearr/server --filter=@tracearr/web # Production stage FROM node:22-alpine AS runner RUN corepack enable && corepack prepare pnpm@10.24.0 --activate WORKDIR /app ENV NODE_ENV=production # Copy package files for production install COPY --from=builder /app/package.json ./ COPY --from=builder /app/pnpm-workspace.yaml ./ COPY --from=builder /app/pnpm-lock.yaml ./ # Server package COPY --from=builder /app/apps/server/package.json ./apps/server/ COPY --from=builder /app/apps/server/dist ./apps/server/dist # Web static files (served by server or reverse proxy) COPY --from=builder /app/apps/web/dist ./apps/web/dist # Shared package COPY --from=builder /app/packages/shared/package.json ./packages/shared/ COPY --from=builder /app/packages/shared/dist ./packages/shared/dist # Database migrations COPY --from=builder /app/apps/server/src/db/migrations ./apps/server/src/db/migrations # GeoIP database (if exists in build context) COPY data/GeoLite2-City.mmdb ./data/GeoLite2-City.mmdb # Install production dependencies only RUN pnpm install --prod --frozen-lockfile # Create non-root user RUN addgroup --system --gid 1001 nodejs && \ adduser --system --uid 1001 tracearr # Set ownership RUN chown -R tracearr:nodejs /app USER tracearr EXPOSE 3000 # Health check - use 127.0.0.1 to force IPv4 (Alpine wget defaults to IPv6 first) HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \ CMD wget --no-verbose --tries=1 --spider http://127.0.0.1:3000/health || exit 1 CMD ["node", "apps/server/dist/index.js"]