49 lines
1.4 KiB
Docker
49 lines
1.4 KiB
Docker
# ── Stage 1: Build ─────────────────────────────────────────
|
|
FROM node:18-alpine AS builder
|
|
WORKDIR /app
|
|
|
|
# native build deps (better-sqlite3 etc)
|
|
RUN apk add --no-cache python3 make g++
|
|
|
|
# install ALL deps (vite needs dev deps)
|
|
COPY package*.json ./
|
|
RUN npm ci
|
|
|
|
# copy full project
|
|
COPY . .
|
|
|
|
# build frontend
|
|
RUN npm run build
|
|
|
|
|
|
# ── Stage 2: Runtime ───────────────────────────────────────
|
|
FROM node:18-alpine
|
|
WORKDIR /app
|
|
|
|
# minimal tools for debugging inside container + privilege drop in entrypoint
|
|
RUN apk add --no-cache bash nano su-exec
|
|
|
|
# create non-root user
|
|
RUN addgroup -S bill && adduser -S bill -G bill
|
|
|
|
# copy EVERYTHING from builder (no missing files)
|
|
COPY --from=builder /app ./
|
|
COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
|
|
|
|
# setup persistent data dirs and a writable fallback backup dir
|
|
RUN mkdir -p /data/db /data/backups /app/backups \
|
|
&& chown -R bill:bill /data /app/backups \
|
|
&& chmod 700 /data/db /data/backups /app/backups \
|
|
&& chmod +x /usr/local/bin/docker-entrypoint.sh
|
|
|
|
ENV NODE_ENV=production \
|
|
PORT=3000 \
|
|
DB_PATH=/data/db/bills.db \
|
|
BACKUP_PATH=/data/backups
|
|
|
|
EXPOSE 3000
|
|
VOLUME ["/data"]
|
|
|
|
ENTRYPOINT ["docker-entrypoint.sh"]
|
|
CMD ["node", "server.js"]
|