Sharang Parnerkar
07039cc408
Build pitch-deck / build-push-deploy (push) Successful in 1m18s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-go-consent (push) Successful in 29s
CI / test-python-voice (push) Successful in 30s
CI / test-bqas (push) Successful in 29s
Docker volume inherits directory ownership from the image on first mount. Without this, the volume mounts as root and the nextjs (uid 1001) process gets EACCES when trying to write dataroom uploads. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
54 lines
1.1 KiB
Docker
54 lines
1.1 KiB
Docker
# Build stage
|
|
FROM node:20-alpine AS builder
|
|
|
|
WORKDIR /app
|
|
|
|
# Copy package files
|
|
COPY package.json package-lock.json* ./
|
|
|
|
# Install dependencies
|
|
RUN npm install
|
|
|
|
# Copy source code
|
|
COPY . .
|
|
|
|
# Embed git commit hash into build
|
|
ARG GIT_SHA=dev
|
|
ENV GIT_SHA=$GIT_SHA
|
|
|
|
# Build the application
|
|
RUN npm run build
|
|
|
|
# Production stage
|
|
FROM node:20-alpine AS runner
|
|
|
|
WORKDIR /app
|
|
|
|
# Set to production
|
|
ENV NODE_ENV=production
|
|
|
|
# Create non-root user
|
|
RUN addgroup --system --gid 1001 nodejs
|
|
RUN adduser --system --uid 1001 nextjs
|
|
|
|
# Create dataroom storage directory owned by nextjs so mounted volumes
|
|
# inherit the correct ownership on first initialisation
|
|
RUN mkdir -p /data/dataroom && chown -R nextjs:nodejs /data/dataroom
|
|
|
|
# Copy built assets
|
|
COPY --from=builder --chown=nextjs:nodejs /app/public ./public
|
|
COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
|
|
COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
|
|
|
|
# Switch to non-root user
|
|
USER nextjs
|
|
|
|
# Expose port
|
|
EXPOSE 3000
|
|
|
|
# Set hostname
|
|
ENV HOSTNAME="0.0.0.0"
|
|
|
|
# Start the application
|
|
CMD ["node", "server.js"]
|