48 lines
1.5 KiB
Docker
48 lines
1.5 KiB
Docker
# ─── Stage 1: deps ───────────────────────────────────────────────────────────
|
|
FROM node:22-alpine AS deps
|
|
RUN corepack enable && corepack prepare pnpm@latest --activate
|
|
|
|
WORKDIR /app
|
|
|
|
COPY package.json pnpm-lock.yaml pnpm-workspace.yaml ./
|
|
RUN pnpm install --frozen-lockfile
|
|
|
|
# ─── Stage 2: builder ────────────────────────────────────────────────────────
|
|
FROM node:22-alpine AS builder
|
|
RUN corepack enable && corepack prepare pnpm@latest --activate
|
|
|
|
WORKDIR /app
|
|
|
|
COPY --from=deps /app/node_modules ./node_modules
|
|
COPY . .
|
|
|
|
# Build-time env (optional — override at runtime via docker-compose)
|
|
ARG API_URL
|
|
ENV API_URL=${API_URL}
|
|
|
|
RUN pnpm build
|
|
|
|
# ─── Stage 3: runner (production) ────────────────────────────────────────────
|
|
FROM node:22-alpine AS runner
|
|
|
|
WORKDIR /app
|
|
|
|
ENV NODE_ENV=production
|
|
ENV PORT=3000
|
|
ENV HOSTNAME=0.0.0.0
|
|
|
|
# Security: run as non-root user
|
|
RUN addgroup --system --gid 1001 nodejs \
|
|
&& adduser --system --uid 1001 nextjs
|
|
|
|
# Copy only what's needed to run
|
|
COPY --from=builder /app/public ./public
|
|
COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
|
|
COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
|
|
|
|
USER nextjs
|
|
|
|
EXPOSE 3000
|
|
|
|
CMD ["node", "server.js"]
|