# Multi-stage Dockerfile for Medication Reminder App FROM node:20-slim AS base # Install system dependencies RUN apt-get update && apt-get install -y \ curl \ unzip \ && rm -rf /var/lib/apt/lists/* # Install Bun RUN curl -fsSL https://bun.sh/install | bash ENV PATH="/root/.bun/bin:$PATH" # Set working directory WORKDIR /app # Create non-root user RUN groupadd --gid 1001 nodeuser && \ useradd --uid 1001 --gid nodeuser --shell /bin/bash --create-home nodeuser # Builder stage FROM base AS builder # Copy package files COPY --chown=nodeuser:nodeuser package.json bun.lock* ./ # Install dependencies RUN bun install --frozen-lockfile # Copy source code COPY --chown=nodeuser:nodeuser . ./ # Build arguments for environment configuration # Build Environment - unified config will handle the rest ARG NODE_ENV=production # Only essential runtime variables that override unified config defaults # Note: VITE_COUCHDB_PASSWORD in ARG/ENV is acceptable for development builds # In production, use secrets management instead of build-time arguments ARG VITE_COUCHDB_URL ARG VITE_COUCHDB_USER ARG VITE_COUCHDB_PASSWORD # Set environment variables for build process # Unified config handles defaults, only set essential runtime overrides ENV NODE_ENV=$NODE_ENV ENV VITE_COUCHDB_URL=$VITE_COUCHDB_URL ENV VITE_COUCHDB_USER=$VITE_COUCHDB_USER ENV VITE_COUCHDB_PASSWORD=$VITE_COUCHDB_PASSWORD ENV NODE_ENV=$NODE_ENV # Build the application RUN bun run build # Production stage FROM nginx:alpine AS production # Install curl for health checks RUN apk add --no-cache curl # Copy built files from builder stage COPY --from=builder /app/dist /usr/share/nginx/html # Copy nginx configuration COPY nginx.conf /etc/nginx/conf.d/default.conf # Set proper permissions for nginx RUN chown -R nginx:nginx /usr/share/nginx/html && \ chown -R nginx:nginx /var/cache/nginx && \ chown -R nginx:nginx /var/log/nginx && \ chown -R nginx:nginx /etc/nginx/conf.d # Switch to nginx user USER nginx # Expose port EXPOSE 80 # Health check HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \ CMD curl -f http://localhost/health || exit 1 # Start nginx CMD ["nginx", "-g", "daemon off;"]