95 lines
2.3 KiB
Docker
95 lines
2.3 KiB
Docker
# Multi-stage Dockerfile for Medication Reminder App
|
|
FROM node:20-slim AS base
|
|
|
|
# Install system dependencies
|
|
RUN apt-get update && apt-get install -y \
|
|
curl \
|
|
unzip \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
# Install Bun
|
|
RUN curl -fsSL https://bun.sh/install | bash
|
|
ENV PATH="/root/.bun/bin:$PATH"
|
|
|
|
# Set working directory
|
|
WORKDIR /app
|
|
|
|
# Create non-root user
|
|
RUN groupadd --gid 1001 nodeuser && \
|
|
useradd --uid 1001 --gid nodeuser --shell /bin/bash --create-home nodeuser
|
|
|
|
# Builder stage
|
|
FROM base AS builder
|
|
|
|
# Copy package files
|
|
COPY --chown=nodeuser:nodeuser package.json bun.lock* ./
|
|
|
|
# Install dependencies
|
|
RUN bun install --frozen-lockfile
|
|
|
|
# Copy source code
|
|
COPY --chown=nodeuser:nodeuser . ./
|
|
|
|
# Build arguments for environment configuration
|
|
# Build Environment - unified config will handle the rest
|
|
ARG NODE_ENV=production
|
|
|
|
# Only essential runtime variables that override unified config defaults
|
|
# Note: VITE_COUCHDB_PASSWORD in ARG/ENV is acceptable for development builds
|
|
# In production, use secrets management instead of build-time arguments
|
|
ARG VITE_COUCHDB_URL
|
|
ARG VITE_COUCHDB_USER
|
|
ARG VITE_COUCHDB_PASSWORD
|
|
|
|
# Set environment variables for build process
|
|
# Unified config handles defaults, only set essential runtime overrides
|
|
ENV NODE_ENV=$NODE_ENV
|
|
ENV VITE_COUCHDB_URL=$VITE_COUCHDB_URL
|
|
ENV VITE_COUCHDB_USER=$VITE_COUCHDB_USER
|
|
ENV VITE_COUCHDB_PASSWORD=$VITE_COUCHDB_PASSWORD
|
|
ENV NODE_ENV=$NODE_ENV
|
|
|
|
# Build the application
|
|
RUN bun run build
|
|
|
|
# Production stage
|
|
FROM caddy:2-alpine AS production
|
|
|
|
# Install curl for health checks
|
|
RUN apk add --no-cache curl
|
|
|
|
# Copy built files from builder stage
|
|
COPY --from=builder --chown=caddy:caddy /app/dist /usr/share/caddy
|
|
|
|
# Configure Caddy to serve SPA with health endpoint (no TLS)
|
|
RUN cat > /etc/caddy/Caddyfile <<'CADDY'
|
|
:80 {
|
|
encode zstd gzip
|
|
root * /usr/share/caddy
|
|
|
|
handle_path /health {
|
|
respond "ok" 200
|
|
}
|
|
|
|
file_server
|
|
|
|
@spa not file
|
|
rewrite @spa /index.html
|
|
}
|
|
CADDY
|
|
|
|
# Permissions: using default ownership; no chown required
|
|
|
|
# Switch to caddy user
|
|
USER caddy
|
|
|
|
# Expose port
|
|
EXPOSE 80
|
|
|
|
# Health check
|
|
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
|
|
CMD curl -f http://localhost/health || exit 1
|
|
|
|
# Start caddy
|
|
CMD ["caddy", "run", "--config", "/etc/caddy/Caddyfile", "--adapter", "caddyfile"]
|