apps/web/Dockerfile at main · danieldaum.net/kaneo

danieldaum.net / kaneo

fork

kaneo (minimalist kanban) fork to experiment adding a tangled integration github.com/usekaneo/kaneo

fork

kaneo / apps / web / Dockerfile

at main 68 lines 2.3 kB view raw

wrap content

Andrej fix(docker): update nginx configuration for environment variable handling 18d ago

a693fd60

 1# Build stage
 2FROM --platform=$BUILDPLATFORM node:20-alpine AS builder
 3
 4# Install build dependencies in a single layer
 5RUN apk add --no-cache python3 make g++ && \
 6  corepack enable && \
 7  corepack prepare pnpm@10.7.0 --activate
 8
 9WORKDIR /app
10
11# Copy package files first for better layer caching
12COPY pnpm-workspace.yaml pnpm-lock.yaml package.json ./
13COPY apps/web/package.json ./apps/web/
14COPY packages/typescript-config/package.json ./packages/typescript-config/
15COPY packages/libs/package.json ./packages/libs/
16
17# Install dependencies
18RUN pnpm install --frozen-lockfile
19
20# Copy only necessary source code
21COPY packages/typescript-config ./packages/typescript-config
22COPY packages/libs ./packages/libs
23COPY i18n ./i18n
24COPY apps/web ./apps/web
25
26# Build the application
27WORKDIR /app/apps/web
28RUN pnpm run build
29
30# Production stage with specific version
31FROM nginx:1.29.5-alpine AS runtime
32
33# Create non-root user and configure nginx in a single layer
34RUN addgroup -g 1001 appuser && \
35  adduser -u 1001 -G appuser -D appuser && \
36  # Set permissions for nginx directories
37  chown -R appuser:appuser /var/cache/nginx && \
38  chmod -R 755 /var/cache/nginx && \
39  # Create directory for pid file
40  mkdir -p /var/run/nginx && \
41  chown -R appuser:appuser /var/run/nginx && \
42  chmod -R 755 /var/run/nginx && \
43  # Set permissions for nginx pid file
44  touch /var/run/nginx.pid && \
45  chown appuser:appuser /var/run/nginx.pid && \
46  chmod 644 /var/run/nginx.pid && \
47  # Update nginx configuration to run as non-root
48  sed -i 's/user  nginx;/user  appuser;/' /etc/nginx/nginx.conf && \
49  # Remove the user directive completely to avoid warnings
50  sed -i 's/user  appuser;//' /etc/nginx/nginx.conf
51
52# Copy built files from builder stage
53COPY --from=builder --chown=appuser:appuser /app/apps/web/dist /usr/share/nginx/html
54
55# Copy nginx configuration (writable so env.sh can substitute placeholders at runtime)
56COPY --chown=appuser:appuser apps/web/nginx.conf /etc/nginx/conf.d/default.conf
57RUN chown -R appuser:appuser /etc/nginx/conf.d
58
59# Copy and set permissions for environment script
60COPY --chown=appuser:appuser apps/web/env.sh /docker-entrypoint.d/env.sh
61RUN chmod +x /docker-entrypoint.d/env.sh
62
63# Switch to non-root user
64USER appuser
65EXPOSE 5173
66
67# Use exec form of CMD for proper signal handling
68CMD ["nginx", "-g", "daemon off;"]

Configure Feed

Configure Feed