60 lines
1.3 KiB
Docker
60 lines
1.3 KiB
Docker
# Build stage
|
|
FROM node:20-alpine AS builder
|
|
|
|
# Add a non-root user
|
|
RUN addgroup -g 1001 -S nodejs && \
|
|
adduser -S nextjs -u 1001
|
|
|
|
WORKDIR /app
|
|
|
|
# Install pnpm
|
|
RUN npm install -g pnpm
|
|
|
|
# Copy package files
|
|
COPY package.json pnpm-lock.yaml ./
|
|
|
|
# Install dependencies with cache optimization
|
|
RUN --mount=type=cache,target=/root/.local/share/pnpm/store \
|
|
pnpm install --frozen-lockfile
|
|
|
|
# Copy source code
|
|
COPY . .
|
|
|
|
# Build application
|
|
RUN pnpm build
|
|
|
|
# Production stage
|
|
FROM node:20-alpine AS runner
|
|
|
|
# Add a non-root user
|
|
RUN addgroup -g 1001 -S nodejs && \
|
|
adduser -S nextjs -u 1001
|
|
|
|
WORKDIR /app
|
|
|
|
# Install pnpm
|
|
RUN npm install -g pnpm
|
|
|
|
# Set production environment
|
|
ENV NODE_ENV=production
|
|
ENV PORT=3000
|
|
|
|
# Copy necessary files from builder
|
|
COPY --from=builder --chown=nextjs:nodejs /app/package.json .
|
|
COPY --from=builder --chown=nextjs:nodejs /app/pnpm-lock.yaml .
|
|
COPY --from=builder --chown=nextjs:nodejs /app/.next ./.next
|
|
COPY --from=builder --chown=nextjs:nodejs /app/public ./public
|
|
COPY --from=builder --chown=nextjs:nodejs /app/next.config.js .
|
|
|
|
# Install production dependencies only
|
|
RUN --mount=type=cache,target=/root/.local/share/pnpm/store \
|
|
pnpm install --prod --frozen-lockfile
|
|
|
|
# Switch to non-root user
|
|
USER nextjs
|
|
|
|
# Expose port
|
|
EXPOSE 3000
|
|
|
|
# Start the application
|
|
CMD ["pnpm", "start"] |