working on basic service setup, auth, conf
This commit is contained in:
86
Dockerfile
Normal file
86
Dockerfile
Normal file
@@ -0,0 +1,86 @@
|
||||
|
||||
ARG NODE_VERSION="20"
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# =====
|
||||
# 1. Build Stage
|
||||
# =====
|
||||
|
||||
FROM node:${NODE_VERSION}-alpine AS build_stage
|
||||
ENV BUILD_PATH="/app.build"
|
||||
|
||||
# Make a directory to build the application in
|
||||
RUN mkdir -p $BUILD_PATH
|
||||
WORKDIR $BUILD_PATH
|
||||
|
||||
# Install common build dependencies
|
||||
# see: https://github.com/gliderlabs/docker-alpine/blob/master/docs/usage.md (re: `--no-cache` flag)
|
||||
RUN apk add --no-cache \
|
||||
python3 \
|
||||
g++ \
|
||||
make \
|
||||
bash
|
||||
|
||||
# Copy over the application files
|
||||
COPY package.json package-lock.json tsconfig.json ${BUILD_PATH}/
|
||||
COPY src/ ${BUILD_PATH}/src/
|
||||
|
||||
# Install dependencies and build the application source
|
||||
RUN npm ci
|
||||
RUN npm run tsc
|
||||
|
||||
# Remove any dev dependencies now that the app is built
|
||||
RUN npm prune --production
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
# =====
|
||||
# 2. Distribution Stage
|
||||
# =====
|
||||
|
||||
FROM node:${NODE_VERSION}-alpine AS dist_stage
|
||||
ENV BUILD_PATH="/app.build"
|
||||
|
||||
# Environment variables to control where the various application
|
||||
# components are located. You probably don't need to change these
|
||||
ENV APP_PATH="/app"
|
||||
ENV DATA_PATH="/app.data"
|
||||
ENV CONF_PATH="/app.conf"
|
||||
|
||||
# Create a new user/group to run the application
|
||||
RUN addgroup appuser && \
|
||||
adduser \
|
||||
--no-create-home \
|
||||
--disabled-password \
|
||||
--gecos "" \
|
||||
--ingroup appuser \
|
||||
appuser
|
||||
|
||||
# Make a directory to store configuration
|
||||
VOLUME [ "${DATA_PATH}" ]
|
||||
RUN mkdir -p ${DATA_PATH} && \
|
||||
chown appuser:appuser ${DATA_PATH} && \
|
||||
chmod 0700 ${DATA_PATH}
|
||||
|
||||
# Make a directory to store configuration
|
||||
VOLUME [ "${CONF_PATH}" ]
|
||||
RUN mkdir -p ${CONF_PATH} && \
|
||||
chown appuser:appuser ${CONF_PATH} && \
|
||||
chmod 0500 ${CONF_PATH}
|
||||
|
||||
# Copy over the built application code
|
||||
COPY --from=build_stage --chown=appuser:appuser --chmod=500 ${BUILD_PATH}/build/ ${APP_PATH}/
|
||||
|
||||
# Copy over the production node_modules
|
||||
COPY --from=build_stage --chown=appuser:appuser --chmod=500 ${BUILD_PATH}/node_modules/ /node_modules/
|
||||
|
||||
# Run the application with the user/group given permissions above
|
||||
USER appuser:appuser
|
||||
|
||||
# Run the application by default
|
||||
ENTRYPOINT [ "node", "${APP_PATH}/start.js" ]
|
||||
Reference in New Issue
Block a user