-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathDockerfile
199 lines (140 loc) · 4.97 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
ARG NODE_VERSION=22.13.0
ARG NGINX_VERSION=1.27.2
ARG UID=1000
#############
# Node #
#############
FROM node:${NODE_VERSION}-bookworm-slim AS node
LABEL org.opencontainers.image.authors="[email protected]"
ARG UID
# Fix: "FATAL ERROR: Reached heap limit Allocation failed - JavaScript heap out of memory"
ENV NODE_OPTIONS="--max_old_space_size=4096"
# Prevent Corepack pnpm download confirm prompt
ENV COREPACK_ENABLE_DOWNLOAD_PROMPT=0
SHELL ["/bin/bash", "-e", "-o", "pipefail", "-c"]
RUN <<EOF
apt-get --quiet update
apt-get --quiet --yes --purge --autoremove upgrade
# Packages - System
apt-get --quiet --yes --no-install-recommends --verbose-versions install \
curl \
less \
sudo
rm -rf /var/lib/apt/lists/*
# User
groupmod --gid ${UID} node
usermod --uid ${UID} node
chown --verbose --recursive ${UID}:${UID} /home/node
echo "node ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/node
# App
install --verbose --owner node --group node --mode 0755 --directory /app
# Pnpm
corepack enable pnpm
EOF
WORKDIR /app
#######################
# Node - Prod - Build #
#######################
FROM node AS node-prod-build
ENV NITRO_PRESET=node_server
# Use the cluster preset to run the app with multiple workers
# There is an issue in Nitro 2.10.4
#ENV NITRO_PRESET=node_cluster
USER node
# Make sure to copy pnpm-lock.yaml .npmrc to stick to the same versions
# and avoid any issues with the versions of the dependencies
COPY --link --chown=${UID}:${UID} package.json pnpm-lock.yaml .npmrc ./
# Install dependencies
RUN pnpm install --frozen-lockfile
COPY --link --chown=${UID}:${UID} . .
RUN pnpm build
##############################
# Node - Maintenance - Build #
##############################
FROM node AS node-maintenance-build
USER node
# Make sure to copy pnpm-lock.yaml .npmrc to stick to the same versions
# and avoid any issues with the versions of the dependencies
COPY --link --chown=${UID}:${UID} package.json pnpm-lock.yaml .npmrc ./
# Install dependencies
RUN pnpm install --frozen-lockfile
COPY --link --chown=${UID}:${UID} . .
RUN pnpm generate:maintenance
###############
# Node - DEV #
###############
FROM node AS node-dev
ENV NITRO_HOST=0.0.0.0
ENV NITRO_PORT=3000
USER node
# In development, we need to expose the port 3000 and declare a volume on app folder
VOLUME /app
CMD ["pnpm", "dev"]
###############
# Node - Prod #
###############
FROM node AS node-prod
ENV NITRO_PORT=3000
ENV NODE_ENV=production
ENV NITRO_PRESET=node_server
# Use the cluster preset to run the app with multiple workers
# There is an issue in Nitro 2.10.4
#ENV NITRO_PRESET=node_cluster
#ENV NITRO_CLUSTER_WORKERS=3
USER node
COPY --link --from=node-prod-build --chown=${UID}:${UID} /app/.output .
CMD ["node", "server/index.mjs"]
#########
# Nginx #
#########
FROM nginx:${NGINX_VERSION}-bookworm AS nginx
LABEL org.opencontainers.image.authors="[email protected]"
ARG UID
SHELL ["/bin/bash", "-e", "-o", "pipefail", "-c"]
RUN <<EOF
# Packages
apt-get --quiet update
apt-get --quiet --yes --purge --autoremove upgrade
apt-get --quiet --yes --no-install-recommends --verbose-versions install \
less \
sudo
rm -rf /var/lib/apt/lists/*
# User
groupmod --gid ${UID} nginx
usermod --uid ${UID} nginx
echo "nginx ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/nginx
# App
install --verbose --owner nginx --group nginx --mode 0755 --directory /app
EOF
WORKDIR /app
#########
# Nginx #
#########
FROM nginx AS nginx-prod
# Silence entrypoint logs
ENV NGINX_ENTRYPOINT_QUIET_LOGS=1
# Config
COPY --link docker/nginx/nginx.conf /etc/nginx/nginx.conf
COPY --link docker/nginx/redirections.conf /etc/nginx/redirections.conf
COPY --link docker/nginx/mime.types /etc/nginx/mime.types
COPY --link docker/nginx/conf.d/_gzip.conf /etc/nginx/conf.d/_gzip.conf
COPY --link docker/nginx/conf.d/_security.conf /etc/nginx/conf.d/_security.conf
COPY --link docker/nginx/conf.d/default.prod.conf /etc/nginx/conf.d/default.conf
HEALTHCHECK --start-period=1m30s --interval=1m --timeout=6s CMD curl --fail -I http://localhost
COPY --link --from=node-prod-build --chown=${UID}:${UID} /app/.output/public /app/public
#######################
# Nginx - Maintenance #
#######################
FROM nginx AS nginx-maintenance
# Silence entrypoint logs
ENV NGINX_ENTRYPOINT_QUIET_LOGS=1
# Config
COPY --link docker/nginx/nginx.conf /etc/nginx/nginx.conf
COPY --link docker/nginx/redirections.conf /etc/nginx/redirections.conf
COPY --link docker/nginx/mime.types /etc/nginx/mime.types
COPY --link docker/nginx/conf.d/_gzip.conf /etc/nginx/conf.d/_gzip.conf
COPY --link docker/nginx/conf.d/_security.conf /etc/nginx/conf.d/_security.conf
COPY --link docker/nginx/conf.d/maintenance.prod.conf /etc/nginx/conf.d/default.conf
# Copy Nuxt static files and rename maintenance to root page
COPY --link --from=node-maintenance-build --chown=${UID}:${UID} /app/.output/public /app/public
RUN mv /app/public/maintenance.html /app/public/index.html