# Stage 1: Setup Nginx and Supervisor FROM nginx:alpine # Install Supervisor, Node.js runtime, and apache2-utils (for htpasswd) RUN apk add --no-cache supervisor nodejs npm apache2-utils # Remove default Nginx configuration RUN rm /etc/nginx/conf.d/default.conf # Declare build arguments for credentials ARG AUTH_USERNAME ARG AUTH_PASSWORD # Copy custom Nginx configuration COPY nginx.conf /etc/nginx/nginx.conf # Copy Basic Auth config (nginx-auth.conf) COPY nginx-auth.conf /etc/nginx/nginx-auth.conf # Generate .htpasswd file using build arguments RUN htpasswd -cb /etc/nginx/.htpasswd ${AUTH_USERNAME} ${AUTH_PASSWORD} \ && chown nginx:nginx /etc/nginx/.htpasswd \ && chmod 600 /etc/nginx/.htpasswd # Copy Supervisor configuration COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf # Set up Node.js application for the API WORKDIR /app COPY package.json ./ # If you have a package-lock.json, uncomment the next line COPY package-lock.json ./ RUN npm install --production COPY server-api.js ./ # Copy static website content (HTML, CSS, JS for the frontend) COPY index.html /usr/share/nginx/html/ COPY js/ /usr/share/nginx/html/js/ COPY css/ /usr/share/nginx/html/css/ # Add other static asset directories if they exist (e.g., images, fonts, libs) # COPY images/ /usr/share/nginx/html/images/ # Create data directory (volume will be mounted here by docker-compose) # Ensure Nginx (and Node.js if it needs to write logs/pid here) has permissions # Ensure the /app directory is owned by nginx user if Node.js needs to write logs there under nginx user # Or run Node.js process as a non-root user that has permissions to /app # For now, Node.js will run as root by default in Supervisor, then switch to 'nginx' user as per supervisord.conf RUN mkdir -p /data && chown nginx:nginx /data # Or appropriate user for Node.js if it writes here VOLUME /data # Expose port 80 for Nginx (which handles auth and proxies to API) EXPOSE 80 # Start Supervisor when the container launches CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]