From 46d20ff8550a986889da1578e17a2250ece95445 Mon Sep 17 00:00:00 2001 From: kinghat Date: Thu, 14 Apr 2022 12:47:06 -0500 Subject: [PATCH 1/4] commit all --- client/Dockerfile | 6 +++--- docker-compose.yml | 13 ++++++------- server/Dockerfile | 10 ++-------- 3 files changed, 11 insertions(+), 18 deletions(-) diff --git a/client/Dockerfile b/client/Dockerfile index bccabe37..a7b14166 100644 --- a/client/Dockerfile +++ b/client/Dockerfile @@ -27,10 +27,10 @@ FROM node:17-alpine AS runner WORKDIR /app -ARG NODE_ENV +# ARG NODE_ENV ENV NEXT_TELEMETRY_DISABLED=1 -ENV NODE_ENV=${NODE_ENV:-production} +# ENV NODE_ENV=${NODE_ENV:-production} RUN addgroup --system --gid 1001 nodejs RUN adduser --system --uid 1001 nextjs @@ -45,6 +45,6 @@ USER nextjs ENV PORT=3001 -EXPOSE 3001 +EXPOSE ${PORT} CMD ["node", "server.js"] diff --git a/docker-compose.yml b/docker-compose.yml index 27bcc14c..5ecd7774 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -2,13 +2,11 @@ services: server: build: context: ./server - args: - - NODE_ENV=production container_name: server restart: unless-stopped user: 1000:1000 environment: - - PORT + - PORT=3331 - JWT_SECRET=jwt_secret # change_me! # use `openssl rand -hex 32` to generate a strong secret - SECRET_KEY=secret # change me! - MEMORY_DB @@ -17,18 +15,19 @@ services: - WELCOME_TITLE - ENABLE_ADMIN - DRIFT_HOME - ports: - - "3000:3000" + # TODO: server isnt needing exposed in this instance is it? + # ports: + # - "3000:3000" # only needs exposed if running on a separate host from client client: build: context: ./client args: - - API_URL=http://server:3000 + - API_URL=http://server:3331 container_name: client restart: unless-stopped user: 1000:1000 environment: - - API_URL=http://server:3000 + - API_URL=http://server:3331 - SECRET_KEY=secret # change me! ports: - "3001:3001" diff --git a/server/Dockerfile b/server/Dockerfile index a5c9bc5c..8a51ef71 100644 --- a/server/Dockerfile +++ b/server/Dockerfile @@ -16,10 +16,6 @@ WORKDIR /app COPY --from=deps /app/node_modules ./node_modules COPY . . -ARG NODE_ENV - -ENV NODE_ENV=${NODE_ENV:-production} - RUN apk add --no-cache git RUN yarn build:docker @@ -27,9 +23,7 @@ FROM node:17-alpine AS runner WORKDIR /app -ARG NODE_ENV - -ENV NODE_ENV=${NODE_ENV:-production} +ENV NODE_ENV=production RUN addgroup --system --gid 1001 nodejs RUN adduser --system --uid 1001 drift @@ -41,6 +35,6 @@ USER drift ENV PORT=3000 -EXPOSE 3000 +EXPOSE ${PORT} CMD ["node", "dist/index.js"] From 26eddb919c2291a83ff930186e357003abba0cdd Mon Sep 17 00:00:00 2001 From: kinghat Date: Thu, 14 Apr 2022 16:33:58 -0500 Subject: [PATCH 2/4] set back to defaults and comment out unnecessarily exposed ports --- docker-compose.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index 5ecd7774..3b4063ce 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -6,7 +6,7 @@ services: restart: unless-stopped user: 1000:1000 environment: - - PORT=3331 + - PORT - JWT_SECRET=jwt_secret # change_me! # use `openssl rand -hex 32` to generate a strong secret - SECRET_KEY=secret # change me! - MEMORY_DB @@ -15,19 +15,18 @@ services: - WELCOME_TITLE - ENABLE_ADMIN - DRIFT_HOME - # TODO: server isnt needing exposed in this instance is it? # ports: - # - "3000:3000" # only needs exposed if running on a separate host from client + # - "3000:3000" # only expose if needed client: build: context: ./client args: - - API_URL=http://server:3331 + - API_URL=http://server:3000 container_name: client restart: unless-stopped user: 1000:1000 environment: - - API_URL=http://server:3331 + - API_URL=http://server:3000 - SECRET_KEY=secret # change me! ports: - "3001:3001" From 2ba46f107388fc3fd6ceb0fef7c7a697e947c99d Mon Sep 17 00:00:00 2001 From: kinghat Date: Thu, 14 Apr 2022 16:34:27 -0500 Subject: [PATCH 3/4] refactor dockerfiles --- client/Dockerfile | 23 +++++++---------------- server/Dockerfile | 16 ++++++---------- 2 files changed, 13 insertions(+), 26 deletions(-) diff --git a/client/Dockerfile b/client/Dockerfile index a7b14166..07a48166 100644 --- a/client/Dockerfile +++ b/client/Dockerfile @@ -9,11 +9,10 @@ COPY package.json yarn.lock ./ RUN yarn install --frozen-lockfile -FROM node:17-alpine AS builder +FROM deps AS builder WORKDIR /app -COPY --from=deps /app/node_modules ./node_modules COPY . . ARG API_URL @@ -23,23 +22,15 @@ ENV API_URL=${API_URL:-http://localhost:3000} RUN yarn build -FROM node:17-alpine AS runner +FROM builder AS runner WORKDIR /app -# ARG NODE_ENV - -ENV NEXT_TELEMETRY_DISABLED=1 -# ENV NODE_ENV=${NODE_ENV:-production} - -RUN addgroup --system --gid 1001 nodejs -RUN adduser --system --uid 1001 nextjs - -COPY --from=builder /app/next.config.mjs ./ -COPY --from=builder /app/public ./public -COPY --from=builder /app/package.json ./package.json -COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./ -COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static +RUN addgroup --system --gid 1001 nodejs && \ + adduser --system --uid 1001 nextjs && \ + chown nextjs:nodejs /app/.next/standalone && \ + chown nextjs:nodejs /app/.next/static && \ + cp --recursive /app/.next/standalone/* /app USER nextjs diff --git a/server/Dockerfile b/server/Dockerfile index 8a51ef71..5bf4822d 100644 --- a/server/Dockerfile +++ b/server/Dockerfile @@ -9,27 +9,23 @@ COPY package.json yarn.lock tsconfig.json tslint.json ./ RUN yarn install --frozen-lockfile -FROM node:17-alpine AS builder +FROM deps AS builder WORKDIR /app -COPY --from=deps /app/node_modules ./node_modules COPY . . -RUN apk add --no-cache git -RUN yarn build:docker +RUN apk add --no-cache git && \ + yarn build:docker -FROM node:17-alpine AS runner +FROM builder AS runner WORKDIR /app ENV NODE_ENV=production -RUN addgroup --system --gid 1001 nodejs -RUN adduser --system --uid 1001 drift - -COPY --from=builder /app/dist ./dist -COPY --from=builder /app/node_modules ./node_modules +RUN addgroup --system --gid 1001 nodejs && \ + adduser --system --uid 1001 drift USER drift From a425460e16881912fb34635e54ead2dd6b00ec2b Mon Sep 17 00:00:00 2001 From: kinghat Date: Thu, 14 Apr 2022 22:59:23 -0500 Subject: [PATCH 4/4] revert last build stage to its own image --- client/Dockerfile | 29 +++++++++++++++++------------ server/Dockerfile | 17 ++++++++++------- 2 files changed, 27 insertions(+), 19 deletions(-) diff --git a/client/Dockerfile b/client/Dockerfile index 07a48166..6d79224e 100644 --- a/client/Dockerfile +++ b/client/Dockerfile @@ -13,29 +13,34 @@ FROM deps AS builder WORKDIR /app -COPY . . - ARG API_URL -ENV NEXT_TELEMETRY_DISABLED=1 +ENV NODE_ENV=production ENV API_URL=${API_URL:-http://localhost:3000} +ENV NEXT_TELEMETRY_DISABLED=1 + +COPY . . RUN yarn build -FROM builder AS runner +FROM node:17-alpine AS runner WORKDIR /app -RUN addgroup --system --gid 1001 nodejs && \ - adduser --system --uid 1001 nextjs && \ - chown nextjs:nodejs /app/.next/standalone && \ - chown nextjs:nodejs /app/.next/static && \ - cp --recursive /app/.next/standalone/* /app - -USER nextjs - +ENV NEXT_TELEMETRY_DISABLED=1 ENV PORT=3001 EXPOSE ${PORT} +RUN addgroup --system --gid 1001 nodejs && \ + adduser --system --uid 1001 nextjs + +COPY --from=builder /app/next.config.mjs ./ +COPY --from=builder /app/public ./public +COPY --from=builder /app/package.json ./package.json +COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./ +COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static + +USER nextjs + CMD ["node", "server.js"] diff --git a/server/Dockerfile b/server/Dockerfile index 5bf4822d..dcc6bdae 100644 --- a/server/Dockerfile +++ b/server/Dockerfile @@ -13,24 +13,27 @@ FROM deps AS builder WORKDIR /app +ENV NODE_ENV=production + COPY . . -RUN apk add --no-cache git && \ - yarn build:docker +RUN yarn build:docker -FROM builder AS runner +FROM node:17-alpine AS runner WORKDIR /app ENV NODE_ENV=production +ENV PORT=3000 + +EXPOSE ${PORT} RUN addgroup --system --gid 1001 nodejs && \ adduser --system --uid 1001 drift -USER drift - -ENV PORT=3000 +COPY --from=builder /app/dist ./dist +COPY --from=builder /app/node_modules ./node_modules -EXPOSE ${PORT} +USER drift CMD ["node", "dist/index.js"]