forked from algorithm-visualizer/algorithm-visualizer
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile.production
More file actions
135 lines (106 loc) · 4.62 KB
/
Dockerfile.production
File metadata and controls
135 lines (106 loc) · 4.62 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
# Multi-stage production Dockerfile for Algorithm Visualizer + dStack
# Optimized for Phala Cloud TEE deployment
# ============================================
# Stage 1: Base dependencies
# ============================================
FROM node:20-alpine AS base
RUN apk add --no-cache libc6-compat python3 py3-pip make g++ git
# Add platform compatibility for TailwindCSS v4
ENV NEXT_TELEMETRY_DISABLED=1
ENV SKIP_ENV_VALIDATION=1
WORKDIR /app
# ============================================
# Stage 2: Dependencies installation
# ============================================
FROM base AS deps
# Copy template package files only (skip main app dependencies)
COPY templates/remote-attestation-template/package*.json ./templates/remote-attestation-template/
# Install template dependencies (including dev for build)
WORKDIR /app/templates/remote-attestation-template
RUN npm ci
# ============================================
# Stage 3: Python dependencies
# ============================================
FROM python:3.11-alpine AS python-deps
RUN apk add --no-cache gcc musl-dev libffi-dev openssl-dev
WORKDIR /app
# Copy Python requirements
COPY templates/remote-attestation-template/api/requirements.txt ./api/
RUN pip install --no-cache-dir -r api/requirements.txt
# ============================================
# Stage 4: Next.js build
# ============================================
FROM base AS builder
WORKDIR /app
# Copy dependencies from deps stage
COPY --from=deps /app/templates/remote-attestation-template/node_modules ./templates/remote-attestation-template/node_modules
# Copy source code
COPY . .
# Build Next.js application
WORKDIR /app/templates/remote-attestation-template
ENV NEXT_TELEMETRY_DISABLED=1
ENV NODE_ENV=production
# Build the application
RUN npm run build
# ============================================
# Stage 5: Bun runtime (optional)
# ============================================
FROM oven/bun:1-alpine AS bun-runtime
WORKDIR /app
# Copy Bun server files
COPY templates/remote-attestation-template/bun-server ./bun-server
WORKDIR /app/bun-server
RUN bun install --production
# ============================================
# Stage 6: Production image
# ============================================
FROM node:20-alpine AS runner
RUN apk add --no-cache python3 py3-pip supervisor curl wget
# Create app user for security
RUN addgroup --system --gid 1001 nodejs
RUN adduser --system --uid 1001 nextjs
WORKDIR /app
# Copy Python dependencies (system-wide installation)
COPY --from=python-deps /usr/local/lib/python3.11/site-packages /usr/local/lib/python3.11/site-packages
COPY --from=python-deps /usr/local/bin /usr/local/bin
# Copy built application
COPY --from=builder /app/templates/remote-attestation-template/.next ./templates/remote-attestation-template/.next
COPY --from=builder /app/templates/remote-attestation-template/public ./templates/remote-attestation-template/public
COPY --from=builder /app/templates/remote-attestation-template/node_modules ./templates/remote-attestation-template/node_modules
COPY --from=builder /app/templates/remote-attestation-template/package.json ./templates/remote-attestation-template/
# Copy Python API
COPY templates/remote-attestation-template/api ./templates/remote-attestation-template/api
# Copy Bun server (if available)
COPY --from=bun-runtime /app/bun-server ./templates/remote-attestation-template/bun-server
# Copy configuration files
COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
COPY docker-entrypoint.sh /usr/local/bin/
COPY start-all-services.sh /usr/local/bin/
COPY simple-start.sh /usr/local/bin/
COPY .env /app/.env
RUN chmod +x /usr/local/bin/docker-entrypoint.sh /usr/local/bin/start-all-services.sh /usr/local/bin/simple-start.sh
# Copy health check script
COPY health-check.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/health-check.sh
# Set ownership
RUN chown -R nextjs:nodejs /app
# Run as root for supervisor (services will drop privileges)
# Environment variables with secure defaults
ENV NODE_ENV=production \
NEXT_TELEMETRY_DISABLED=1 \
PORT=3000 \
API_PORT=8000 \
BUN_PORT=8001 \
ENABLE_MOCK_MODE=false \
REQUIRE_ATTESTATION=true \
TEE_ENVIRONMENT=production \
PATH="/home/nextjs/.local/bin:$PATH"
# Expose ports
EXPOSE 3000 8000 8001
# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
CMD /usr/local/bin/health-check.sh || exit 1
# Entry point
ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
# Default command - start Python API directly alongside NextJS
CMD ["sh", "-c", "cd /app/templates/remote-attestation-template && npm start & cd /app/templates/remote-attestation-template/api && python3 main.py & wait"]