57 lines
2.3 KiB
Docker
57 lines
2.3 KiB
Docker
# syntax=docker/dockerfile:1.7
|
|
# ─────────────────────────────────────────────────────────────
|
|
# LexiChain — Production Dockerfile
|
|
# Multi-stage build:
|
|
# deps → install npm dependencies
|
|
# builder → generate Prisma client + build Next.js
|
|
# runner → minimal production image (non-root user)
|
|
# ─────────────────────────────────────────────────────────────
|
|
|
|
# ── Stage 1: base ────────────────────────────────────────────
|
|
FROM node:20-alpine AS base
|
|
WORKDIR /app
|
|
ENV NEXT_TELEMETRY_DISABLED=1
|
|
|
|
# ── Stage 2: install dependencies ────────────────────────────
|
|
FROM base AS deps
|
|
# libc6-compat is needed for some native modules on Alpine
|
|
RUN apk add --no-cache libc6-compat
|
|
COPY package.json package-lock.json* ./
|
|
RUN npm ci --ignore-scripts
|
|
|
|
# ── Stage 3: build ───────────────────────────────────────────
|
|
FROM base AS builder
|
|
RUN apk add --no-cache libc6-compat
|
|
COPY --from=deps /app/node_modules ./node_modules
|
|
COPY . .
|
|
# Generate Prisma client before building Next.js
|
|
RUN npx prisma generate
|
|
RUN npm run build
|
|
|
|
# ── Stage 4: production runner ───────────────────────────────
|
|
FROM base AS runner
|
|
RUN apk add --no-cache libc6-compat
|
|
|
|
ENV NODE_ENV=production
|
|
ENV PORT=3000
|
|
ENV HOSTNAME="0.0.0.0"
|
|
|
|
# Create a non-root user for security
|
|
RUN addgroup --system --gid 1001 nodejs \
|
|
&& adduser --system --uid 1001 nextjs
|
|
|
|
# Copy the standalone output from builder
|
|
COPY --from=builder /app/public ./public
|
|
COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
|
|
COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
|
|
|
|
USER nextjs
|
|
|
|
EXPOSE 3000
|
|
|
|
# Health check — verifies the app is responding before traffic is routed
|
|
HEALTHCHECK --interval=30s --timeout=10s --start-period=30s --retries=3 \
|
|
CMD wget -qO- http://localhost:3000/api/health || exit 1
|
|
|
|
CMD ["node", "server.js"]
|