From e860c741d7873128fa63fd1900960e0c3878b83f Mon Sep 17 00:00:00 2001 From: Greg Date: Thu, 29 May 2025 16:26:58 +0200 Subject: [PATCH] refactor: optimize Dockerfile with multi-stage build and improved Node.js setup --- Dockerfile | 52 ++++++++++++++++++++++++++++++---------------------- 1 file changed, 30 insertions(+), 22 deletions(-) diff --git a/Dockerfile b/Dockerfile index fc78db8..f945e77 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,23 +1,33 @@ -# Stage 1: Setup Nginx and Supervisor +# Dockerfile for Weight Tracker App with Nginx, Basic Auth, and Node.js API + +# Stage 1: Build Node.js app and generate package-lock.json +FROM node:alpine AS builder +WORKDIR /app-builder +# Copy package.json (and package-lock.json if it exists, though npm install will regenerate/respect it) +COPY package.json ./ +# If you have an .npmrc file for private registries or specific npm configurations, copy it here: +# COPY .npmrc ./ +RUN npm install +# Now /app-builder contains package.json, package-lock.json, and node_modules + +# Stage 2: Final image with Nginx and the Node.js API FROM nginx:alpine -# Install Supervisor, Node.js runtime, and apache2-utils (for htpasswd) +# Install Supervisor, Node.js runtime (for running the API), and apache2-utils (for htpasswd) +# npm is also needed here for 'npm install --production' RUN apk add --no-cache supervisor nodejs npm apache2-utils # Remove default Nginx configuration RUN rm /etc/nginx/conf.d/default.conf -# Declare build arguments for credentials -ARG AUTH_USERNAME -ARG AUTH_PASSWORD - -# Copy custom Nginx configuration +# Copy Nginx configuration files COPY nginx.conf /etc/nginx/nginx.conf - -# Copy Basic Auth config (nginx-auth.conf) COPY nginx-auth.conf /etc/nginx/nginx-auth.conf -# Generate .htpasswd file using build arguments +# Setup Basic Authentication +# For production, consider environment variables or Docker secrets for credentials +ARG AUTH_USERNAME +ARG AUTH_PASSWORD RUN htpasswd -cb /etc/nginx/.htpasswd ${AUTH_USERNAME} ${AUTH_PASSWORD} \ && chown nginx:nginx /etc/nginx/.htpasswd \ && chmod 600 /etc/nginx/.htpasswd @@ -25,15 +35,18 @@ RUN htpasswd -cb /etc/nginx/.htpasswd ${AUTH_USERNAME} ${AUTH_PASSWORD} \ # Copy Supervisor configuration COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf -# Set up Node.js application for the API +# Set up Node.js application for the API in /app WORKDIR /app -COPY package.json ./ -# If you have a package-lock.json, uncomment the next line -COPY package-lock.json ./ +# Copy package.json and package-lock.json from the builder stage +COPY --from=builder /app-builder/package.json ./ +COPY --from=builder /app-builder/package-lock.json ./ +# Install only production dependencies using the copied package-lock.json RUN npm install --production +# Copy the server API script from the build context (your local machine) COPY server-api.js ./ # Copy static website content (HTML, CSS, JS for the frontend) +# These are copied from your local build context COPY index.html /usr/share/nginx/html/ COPY js/ /usr/share/nginx/html/js/ COPY css/ /usr/share/nginx/html/css/ @@ -41,16 +54,11 @@ COPY css/ /usr/share/nginx/html/css/ # COPY images/ /usr/share/nginx/html/images/ # Create data directory (volume will be mounted here by docker-compose) -# Ensure Nginx (and Node.js if it needs to write logs/pid here) has permissions -# Ensure the /app directory is owned by nginx user if Node.js needs to write logs there under nginx user -# Or run Node.js process as a non-root user that has permissions to /app -# For now, Node.js will run as root by default in Supervisor, then switch to 'nginx' user as per supervisord.conf - -RUN mkdir -p /data && chown nginx:nginx /data # Or appropriate user for Node.js if it writes here +RUN mkdir -p /data && chown nginx:nginx /data VOLUME /data -# Expose port 80 for Nginx (which handles auth and proxies to API) +# Expose port 80 for Nginx EXPOSE 80 -# Start Supervisor when the container launches +# Start Supervisor CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]