-
Notifications
You must be signed in to change notification settings - Fork 1
/
dockerfile
103 lines (79 loc) · 3.42 KB
/
dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
# obtained from
# https://github.com/vercel/next.js/blob/canary/examples/with-docker/Dockerfile
# https://dev.to/maxdemaio/nextjs-and-docker-2496
#
# docker best practice
# https://snyk.io/blog/10-docker-image-security-best-practices/
# Building image
# docker build -t uhunt:dev -f ./dockerfile .
# tldr
# - Stage: dev
# - copy package.json and package-lock.json to docker image
# - install npm packages using package.json and package-lock.json
# - Stage: builder
# - copy node_modules from stage `dev`
# - copy source files to docker image
# - build source files using NextJS
# - Stage: runner
# - apply docker image label for Github container registry
# - Set ENV to production
# - Copy build files from stage builder
# - Switch to the newly created user
# - Expose port (default to 3000)
# - Run production server
####################################################################################################
# Base on official Node.js Alpine image
FROM node:alpine AS base
#--------------------------------------------------------------------------------------------------#
# Install dependencies only when needed
FROM base AS deps
# Check https://github.com/nodejs/docker-node/tree/b4117f9333da4138b03a546ec926ef50a31506c3#nodealpine to understand why libc6-compat might be needed.
RUN apk add --no-cache libc6-compat
# Set working directory
WORKDIR /app
# Copy package.json and package-lock.json before other files
# Utilize Docker cache to save re-installing dependencies if unchanged
COPY package*.json ./
# Install dependencies
# check npm help ci
RUN npm clean-install
#--------------------------------------------------------------------------------------------------#
# Rebuild the source code only when needed
FROM base AS builder
WORKDIR /app
COPY --from=deps /app/node_modules ./node_modules
COPY ./ ./
# Build app
# Next.js collects completely anonymous telemetry data about general usage.
# Learn more here: https://nextjs.org/telemetry
# Uncomment the following line in case you want to disable telemetry.
# ENV NEXT_TELEMETRY_DISABLED 1
RUN npm run build
#--------------------------------------------------------------------------------------------------#
# Production image, copy all the files and run next
FROM base AS runner
# label used to connect the docker image to the github repo
# check https://docs.github.com/en/free-pro-team@latest/packages/guides/connecting-a-repository-to-a-container-image#connecting-a-repository-to-a-container-image-on-the-command-line
# LABEL org.opencontainers.image.source https://github.com/username/repo
WORKDIR /app
ENV NODE_ENV production
# Uncomment the following line in case you want to disable telemetry during runtime.
# ENV NEXT_TELEMETRY_DISABLED 1
RUN addgroup --system --gid 1001 nodejs
RUN adduser --system --uid 1001 nextjs
# Set the correct permission for prerender cache
RUN mkdir .next
RUN chown nextjs:nodejs .next
# Automatically leverage output traces to reduce image size
# https://nextjs.org/docs/advanced-features/output-file-tracing
COPY --from=builder /app/public ./public
COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
USER nextjs
EXPOSE 3000
ENV PORT 3000
# set hostname to localhost
ENV HOSTNAME "0.0.0.0"
# server.js is created by next build from the standalone output
# https://nextjs.org/docs/pages/api-reference/next-config-js/output
CMD ["node", "server.js"]