-
Notifications
You must be signed in to change notification settings - Fork 98
Expand file tree
/
Copy pathDockerfile.web
More file actions
63 lines (44 loc) · 2.22 KB
/
Dockerfile.web
File metadata and controls
63 lines (44 loc) · 2.22 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
# ---- Dependencies stage ----
FROM node:22-slim@sha256:80fdb3f57c815e1b638d221f30a826823467c4a56c8f6a8d7aa091cd9b1675ea AS deps
RUN corepack enable && corepack prepare pnpm@10 --activate
WORKDIR /app
# Copy workspace config
COPY package.json pnpm-lock.yaml pnpm-workspace.yaml turbo.json tsconfig.base.json ./
# Copy package.json for ALL workspace packages (pnpm needs full workspace graph)
COPY apps/api/package.json apps/api/
COPY apps/cli/package.json apps/cli/
COPY apps/web/package.json apps/web/tsconfig.json apps/web/
COPY apps/site/package.json apps/site/
COPY packages/shared/package.json packages/shared/tsconfig.json packages/shared/
COPY packages/agent-adapters/package.json packages/agent-adapters/
COPY packages/container-runtime/package.json packages/container-runtime/
COPY packages/ticket-providers/package.json packages/ticket-providers/
# Install all dependencies (dev deps needed for build)
RUN pnpm install --frozen-lockfile --prod=false
# ---- Builder stage ----
FROM deps AS builder
# Copy source
COPY packages/shared/ packages/shared/
COPY apps/web/ apps/web/
# Build shared packages then web
ENV NEXT_TELEMETRY_DISABLED=1
RUN pnpm turbo build --filter=@optio/shared
RUN cd apps/web && npx next build
# ---- Runtime stage ----
FROM node:22-slim@sha256:80fdb3f57c815e1b638d221f30a826823467c4a56c8f6a8d7aa091cd9b1675ea
ARG OPTIO_VERSION=dev
ENV OPTIO_VERSION=${OPTIO_VERSION}
WORKDIR /app
# Verify Node ships OpenSSL >= 3.5 for post-quantum TLS (X25519MLKEM768)
RUN node -e 'const [maj,min] = process.versions.openssl.split(".").map(Number); if (maj < 3 || (maj === 3 && min < 5)) { console.error("OpenSSL " + process.versions.openssl + " too old; need >= 3.5"); process.exit(1); }'
ENV NODE_ENV=production
ENV NEXT_TELEMETRY_DISABLED=1
# Copy standalone output (preserves monorepo directory structure)
COPY --from=builder /app/apps/web/.next/standalone ./
COPY --from=builder /app/apps/web/.next/static ./apps/web/.next/static
COPY --from=builder /app/apps/web/public ./apps/web/public
EXPOSE 3000
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
CMD node -e "fetch('http://localhost:3000').then(r=>{if(!r.ok)process.exit(1)}).catch(()=>process.exit(1))"
USER node
CMD ["node", "apps/web/server.js"]