dev1/Dockerfile.server3
Josh 888bdd2939
Runtime hardening, logs, rate limits
2025-08-28 18:03:45 +00:00


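# ---- deps stage -------------------------------------------------------------
# Installs production npm dependencies, compiling native add-ons where needed.
# Only /app/node_modules is copied out of this stage, so the compiler
# toolchain, python3 and pkg-config never reach the image that is shipped.
# Consider pinning the base image by digest for reproducible builds.
FROM node:20-bookworm-slim AS deps
WORKDIR /app
RUN apt-get update -y && \
    apt-get install -y --no-install-recommends \
        build-essential \
        ca-certificates \
        curl \
        pkg-config \
        python3 && \
    rm -rf /var/lib/apt/lists/*
# Manifests first: the dependency layer is rebuilt only when they change.
COPY package*.json ./
# Lifecycle scripts of every dependency run as root in this step.
# NOTE(review): --unsafe-perm is believed to be ignored by the npm bundled with
# Node 20 (npm >= 7); kept so the install command is unchanged - confirm and drop.
# NOTE(review): assumes install scripts leave their output under
# /app/node_modules; anything written elsewhere (for example a cache in /root)
# is not carried into the runtime stage - confirm.
RUN npm ci --unsafe-perm --omit=dev

# ---- runtime stage ----------------------------------------------------------
# Keeps the stage name "base" so an existing `--target base` still resolves to
# the runnable image.
FROM node:20-bookworm-slim AS base
# Unprivileged service account. Created before any package install; the system
# UID/GID is auto-assigned, so keep this first (or pin explicit IDs) if data on
# a persistent volume must stay owned by the same numeric user across rebuilds.
RUN groupadd -r app && useradd -r -g app app
WORKDIR /app
# curl for healthchecks (+ CA bundle); no build tooling in this stage.
# NOTE(review): assumes python3 was needed only to build native modules. If the
# server invokes python3 at runtime, add it to this list - confirm.
RUN apt-get update -y && \
    apt-get install -y --no-install-recommends \
        ca-certificates \
        curl && \
    rm -rf /var/lib/apt/lists/*
# Manifests and dependencies stay root-owned, so the app user cannot alter them.
COPY package*.json ./
COPY --from=deps /app/node_modules/ ./node_modules/
# app payload (only what runtime needs)
# NOTE(review): the payload is owned by app, so the running process can rewrite
# its own code. If only backend/data has to be writable, leave the other trees
# root-owned - confirm against what the server writes.
COPY --chown=app:app backend/ ./backend/
COPY --chown=app:app src/ai/ ./src/ai/
COPY --chown=app:app src/assets/ ./src/assets/
# Already covered by the backend/ copy above; kept as an explicit marker.
COPY --chown=app:app backend/data/ ./backend/data/
# Writable locations for the unprivileged user.
# NOTE(review): /run/secrets is where Docker/Compose mount secrets at runtime.
# If the process only reads them, this directory does not need to be app-owned
# or writable - confirm.
RUN mkdir -p /run/secrets /data/uploads && \
    chown -R app:app /run/secrets /data
# Drop root only after every step that needs it has run.
USER app
# Exec form: node receives container signals directly, with no wrapping shell.
CMD ["node", "backend/server3.js"]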