Rephl3x
3015f48118
Some checks failed
CI / Lint & Typecheck (push) Has been cancelled
CI / Test (routes) (push) Has been cancelled
CI / Test (security) (push) Has been cancelled
CI / Test (services) (push) Has been cancelled
CI / Test (unit) (push) Has been cancelled
CI / Test (integration) (push) Has been cancelled
CI / Test Coverage (push) Has been cancelled
CI / Build (push) Has been cancelled
75 lines
2.2 KiB
Docker
75 lines
2.2 KiB
Docker
# Build stage
|
|
FROM node:22-alpine AS builder
|
|
|
|
RUN corepack enable && corepack prepare pnpm@10.24.0 --activate
|
|
|
|
WORKDIR /app
|
|
|
|
# Copy ALL workspace package.json files for lockfile resolution
|
|
COPY package.json pnpm-workspace.yaml pnpm-lock.yaml ./
|
|
COPY apps/server/package.json ./apps/server/
|
|
COPY apps/web/package.json ./apps/web/
|
|
COPY apps/mobile/package.json ./apps/mobile/
|
|
COPY packages/shared/package.json ./packages/shared/
|
|
COPY packages/test-utils/package.json ./packages/test-utils/
|
|
|
|
# Install dependencies
|
|
RUN pnpm install --frozen-lockfile
|
|
|
|
# Copy source code
|
|
COPY . .
|
|
|
|
# Build only production packages (excludes test-utils, mobile)
|
|
RUN pnpm turbo run build --filter=@tracearr/shared --filter=@tracearr/server --filter=@tracearr/web
|
|
|
|
# Production stage
|
|
FROM node:22-alpine AS runner
|
|
|
|
RUN corepack enable && corepack prepare pnpm@10.24.0 --activate
|
|
|
|
WORKDIR /app
|
|
|
|
ENV NODE_ENV=production
|
|
|
|
# Copy package files for production install
|
|
COPY --from=builder /app/package.json ./
|
|
COPY --from=builder /app/pnpm-workspace.yaml ./
|
|
COPY --from=builder /app/pnpm-lock.yaml ./
|
|
|
|
# Server package
|
|
COPY --from=builder /app/apps/server/package.json ./apps/server/
|
|
COPY --from=builder /app/apps/server/dist ./apps/server/dist
|
|
|
|
# Web static files (served by server or reverse proxy)
|
|
COPY --from=builder /app/apps/web/dist ./apps/web/dist
|
|
|
|
# Shared package
|
|
COPY --from=builder /app/packages/shared/package.json ./packages/shared/
|
|
COPY --from=builder /app/packages/shared/dist ./packages/shared/dist
|
|
|
|
# Database migrations
|
|
COPY --from=builder /app/apps/server/src/db/migrations ./apps/server/src/db/migrations
|
|
|
|
# GeoIP database (if exists in build context)
|
|
COPY data/GeoLite2-City.mmdb ./data/GeoLite2-City.mmdb
|
|
|
|
# Install production dependencies only
|
|
RUN pnpm install --prod --frozen-lockfile
|
|
|
|
# Create non-root user
|
|
RUN addgroup --system --gid 1001 nodejs && \
|
|
adduser --system --uid 1001 tracearr
|
|
|
|
# Set ownership
|
|
RUN chown -R tracearr:nodejs /app
|
|
|
|
USER tracearr
|
|
|
|
EXPOSE 3000
|
|
|
|
# Health check - use 127.0.0.1 to force IPv4 (Alpine wget defaults to IPv6 first)
|
|
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
|
|
CMD wget --no-verbose --tries=1 --spider http://127.0.0.1:3000/health || exit 1
|
|
|
|
CMD ["node", "apps/server/dist/index.js"]
|