47 lines
1.9 KiB
Docker
47 lines
1.9 KiB
Docker
# syntax=docker/dockerfile:1.7
|
|
|
|
# ─── Stage 1: install deps (cacheable) ──────────────────────────────────────
|
|
FROM node:22-alpine AS deps
|
|
WORKDIR /app
|
|
# libc6-compat helps some native deps (bcryptjs is pure JS so not strictly
|
|
# needed, but cheap insurance for pg / future native deps).
|
|
RUN apk add --no-cache libc6-compat
|
|
COPY package.json package-lock.json ./
|
|
RUN npm ci
|
|
|
|
# ─── Stage 2: build ──────────────────────────────────────────────────────────
|
|
FROM node:22-alpine AS builder
|
|
WORKDIR /app
|
|
COPY --from=deps /app/node_modules ./node_modules
|
|
COPY . .
|
|
|
|
# next.config.ts has `output: "standalone"`, which writes a minimal Node
|
|
# server bundle to .next/standalone — used by the runtime stage below.
|
|
RUN npm run build
|
|
|
|
# ─── Stage 3: runtime ────────────────────────────────────────────────────────
|
|
FROM node:22-alpine AS runner
|
|
WORKDIR /app
|
|
|
|
ENV NODE_ENV=production \
|
|
PORT=3000 \
|
|
HOSTNAME=0.0.0.0 \
|
|
NEXT_TELEMETRY_DISABLED=1
|
|
|
|
# Non-root user for the app process.
|
|
RUN addgroup --system --gid 1001 nodejs \
|
|
&& adduser --system --uid 1001 --ingroup nodejs nextjs
|
|
|
|
# Standalone output bundles only the files needed to run the server, plus a
|
|
# trimmed node_modules. Public assets and .next/static are still external.
|
|
COPY --from=builder --chown=nextjs:nodejs /app/public ./public
|
|
COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
|
|
COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
|
|
|
|
USER nextjs
|
|
EXPOSE 3000
|
|
|
|
# server.js is generated by Next's standalone output; it reads PORT/HOSTNAME
|
|
# from the environment at startup, so docker compose can inject them.
|
|
CMD ["node", "server.js"]
|