2026-05-19 01:17:58 -05:00
|
|
|
# syntax=docker/dockerfile:1
|
|
|
|
|
|
|
|
|
|
FROM node:20-alpine AS deps
|
|
|
|
|
WORKDIR /app
|
|
|
|
|
|
|
|
|
|
COPY package.json package-lock.json ./
|
|
|
|
|
RUN npm ci
|
|
|
|
|
|
|
|
|
|
FROM node:20-alpine AS builder
|
|
|
|
|
WORKDIR /app
|
|
|
|
|
|
|
|
|
|
COPY --from=deps /app/node_modules ./node_modules
|
|
|
|
|
COPY . ./
|
|
|
|
|
|
|
|
|
|
# Allows configuring the API URL at build time.
|
|
|
|
|
ARG NEXT_PUBLIC_API_URL=auto
|
|
|
|
|
ENV NEXT_PUBLIC_API_URL=${NEXT_PUBLIC_API_URL}
|
|
|
|
|
ARG NEXT_PUBLIC_AUTH_MODE
|
|
|
|
|
ENV NEXT_PUBLIC_AUTH_MODE=${NEXT_PUBLIC_AUTH_MODE}
|
|
|
|
|
|
|
|
|
|
RUN npm run build
|
|
|
|
|
|
|
|
|
|
FROM node:20-alpine AS runner
|
|
|
|
|
WORKDIR /app
|
|
|
|
|
|
|
|
|
|
ENV NODE_ENV=production
|
|
|
|
|
ARG NEXT_PUBLIC_AUTH_MODE
|
|
|
|
|
|
|
|
|
|
# If provided at runtime, Next will expose NEXT_PUBLIC_* to the browser as well
|
|
|
|
|
# (but note some values may be baked at build time).
|
|
|
|
|
ENV NEXT_PUBLIC_API_URL=auto
|
|
|
|
|
ENV NEXT_PUBLIC_AUTH_MODE=${NEXT_PUBLIC_AUTH_MODE}
|
|
|
|
|
|
|
|
|
|
# Create non-root user before COPY so --chown can reference it.
|
2026-05-19 21:57:38 -05:00
|
|
|
RUN addgroup -S appgroup && adduser -S -G appgroup appuser
|
2026-05-19 01:17:58 -05:00
|
|
|
|
2026-05-19 21:57:38 -05:00
|
|
|
# Copy standalone output from builder
|
|
|
|
|
COPY --from=builder --chown=appuser:appgroup /app/.next/standalone ./
|
|
|
|
|
COPY --from=builder --chown=appuser:appgroup /app/.next/static ./.next/static
|
|
|
|
|
COPY --from=builder --chown=appuser:appgroup /app/public ./public
|
2026-05-19 01:17:58 -05:00
|
|
|
|
|
|
|
|
USER appuser
|
|
|
|
|
|
|
|
|
|
EXPOSE 3000
|
|
|
|
|
|
2026-05-19 21:57:38 -05:00
|
|
|
CMD ["node", "server.js"]
|