GrizzlyFlix/Tracearr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
1cbee42faa745790a45db866c7d70f39b0d0cda1
Tracearr/docker/Dockerfile.supervised
Rephl3x 3015f48118
Some checks failed
CI / Lint & Typecheck (push) Has been cancelled
Details
CI / Test (routes) (push) Has been cancelled
Details
CI / Test (security) (push) Has been cancelled
Details
CI / Test (services) (push) Has been cancelled
Details
CI / Test (unit) (push) Has been cancelled
Details
CI / Test (integration) (push) Has been cancelled
Details
CI / Test Coverage (push) Has been cancelled
Details
CI / Build (push) Has been cancelled
Details
Initial Upload
2025-12-17 12:32:50 +13:00

135 lines
4.9 KiB
Docker
Raw Blame History

# Tracearr All-in-One Image (Supervised)
# Runs TimescaleDB, Redis, and Tracearr in a single container
# Ideal for simple deployments, Unraid, Synology, etc.
FROM node:22-bookworm-slim AS builder
RUN corepack enable && corepack prepare pnpm@10.24.0 --activate
WORKDIR /app
# Copy ALL workspace package.json files for lockfile resolution
COPY package.json pnpm-workspace.yaml pnpm-lock.yaml ./
COPY apps/server/package.json ./apps/server/
COPY apps/web/package.json ./apps/web/
COPY apps/mobile/package.json ./apps/mobile/
COPY packages/shared/package.json ./packages/shared/
COPY packages/test-utils/package.json ./packages/test-utils/
# Install dependencies
RUN pnpm install --frozen-lockfile
# Copy source code
COPY . .
# Build only production packages
RUN pnpm turbo run build --filter=@tracearr/shared --filter=@tracearr/server --filter=@tracearr/web
# =============================================================================
# Production All-in-One Image
# =============================================================================
FROM debian:bookworm-slim
# Install dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
curl \
ca-certificates \
gnupg \
lsb-release \
supervisor \
gosu \
openssl \
tzdata \
&& rm -rf /var/lib/apt/lists/*
# Install Node.js 22
RUN curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \
&& apt-get install -y nodejs \
&& corepack enable \
&& corepack prepare pnpm@10.24.0 --activate \
&& rm -rf /var/lib/apt/lists/*
# Install PostgreSQL 15 + TimescaleDB
RUN curl -fsSL https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor -o /usr/share/keyrings/postgresql-keyring.gpg \
&& echo "deb [signed-by=/usr/share/keyrings/postgresql-keyring.gpg] http://apt.postgresql.org/pub/repos/apt bookworm-pgdg main" > /etc/apt/sources.list.d/pgdg.list \
&& curl -fsSL https://packagecloud.io/timescale/timescaledb/gpgkey | gpg --dearmor -o /usr/share/keyrings/timescaledb-keyring.gpg \
&& echo "deb [signed-by=/usr/share/keyrings/timescaledb-keyring.gpg] https://packagecloud.io/timescale/timescaledb/debian/ bookworm main" > /etc/apt/sources.list.d/timescaledb.list \
&& apt-get update \
&& apt-get install -y --no-install-recommends \
postgresql-15 \
timescaledb-2-postgresql-15 \
timescaledb-tools \
timescaledb-toolkit-postgresql-15 \
&& rm -rf /var/lib/apt/lists/*
# Install Redis
RUN apt-get update && apt-get install -y --no-install-recommends \
redis-server \
&& rm -rf /var/lib/apt/lists/*
# Note: PostgreSQL config is applied during initdb in entrypoint-supervised.sh
# The /etc/postgresql/15/main/ config is not used since we use a custom data directory
# Configure Redis to listen only on localhost
RUN sed -i 's/^bind .*/bind 127.0.0.1/' /etc/redis/redis.conf \
&& sed -i 's/^daemonize yes/daemonize no/' /etc/redis/redis.conf
# Create app directory
WORKDIR /app
# Copy built application from builder
COPY --from=builder /app/package.json ./
COPY --from=builder /app/pnpm-workspace.yaml ./
COPY --from=builder /app/pnpm-lock.yaml ./
COPY --from=builder /app/apps/server/package.json ./apps/server/
COPY --from=builder /app/apps/server/dist ./apps/server/dist
COPY --from=builder /app/apps/web/dist ./apps/web/dist
COPY --from=builder /app/packages/shared/package.json ./packages/shared/
COPY --from=builder /app/packages/shared/dist ./packages/shared/dist
COPY --from=builder /app/apps/server/src/db/migrations ./apps/server/src/db/migrations
# GeoIP database (bundled for geolocation features)
COPY data/GeoLite2-City.mmdb ./data/GeoLite2-City.mmdb
# Install production dependencies
RUN pnpm install --prod --frozen-lockfile
# Create tracearr user for running the application (non-root)
RUN groupadd --system --gid 1001 tracearr \
&& useradd --system --uid 1001 --gid tracearr --shell /bin/false tracearr
# Create data directories with proper ownership
RUN mkdir -p /data/postgres /data/redis /data/tracearr /var/log/supervisor \
&& chown -R postgres:postgres /data/postgres \
&& chown -R redis:redis /data/redis \
&& chown -R tracearr:tracearr /data/tracearr /app
# Supervisord configuration
COPY docker/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
# Startup scripts
COPY docker/entrypoint-supervised.sh /entrypoint.sh
COPY docker/start-tracearr.sh /start-tracearr.sh
RUN chmod 755 /entrypoint.sh /start-tracearr.sh
# Environment defaults
ENV NODE_ENV=production \
LOG_LEVEL=info \
PORT=3000 \
HOST=0.0.0.0 \
TZ=UTC \
DATABASE_URL=postgresql://tracearr:tracearr@127.0.0.1:5432/tracearr \
REDIS_URL=redis://127.0.0.1:6379
# Expose only the web port
EXPOSE 3000
# Volumes for persistent data
VOLUME ["/data/postgres", "/data/redis", "/data/tracearr"]
HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
CMD curl -f http://127.0.0.1:3000/health || exit 1
ENTRYPOINT ["/entrypoint.sh"]
CMD ["supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]
Reference in New Issue View Git Blame Copy Permalink