Flexomatic81
0e8d5aef85
- Multi-stage Dockerfiles for API (NestJS) and Web (Next.js standalone) - docker-compose.prod.yml: full production stack (postgres, redis, keycloak, api, web) with optional Caddy/Let's Encrypt via --profile ssl - docker-compose.local.yml: identical local test stack, all ports exposed - docker/postgres/init.sql: auto-creates tos_app DB on first start - Caddyfile: reverse proxy for app domain + auth subdomain - install.sh: interactive installer (domain, SSL mode, secret generation) - NestJS SetupModule: @Public() endpoints for /setup/status, /setup/admin, /setup/branding, /setup/complete with setup-token guard - Web installer: 4-step flow (system check, admin creation, branding, complete) at /[locale]/setup/* with public middleware bypass - i18n: installer namespace added to de.json and en.json - CORS: x-setup-token header allowed in main.ts Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
67 lines
2.5 KiB
Docker
67 lines
2.5 KiB
Docker
# =============================================================================
|
|
# tOS Web Frontend - Multi-Stage Docker Build
|
|
# =============================================================================
|
|
# Nutzt Next.js Standalone-Output fuer minimale Image-Groesse
|
|
# Voraussetzung: output: 'standalone' in next.config.mjs
|
|
#
|
|
# Build: docker build -f apps/web/Dockerfile -t tos-web .
|
|
# Run: docker run -p 3000:3000 --env-file .env tos-web
|
|
# =============================================================================
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Stage 1: Base - Node.js mit pnpm
|
|
# ---------------------------------------------------------------------------
|
|
FROM node:20-alpine AS base
|
|
RUN corepack enable && corepack prepare pnpm@9.15.0 --activate
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Stage 2: Builder - Dependencies installieren und kompilieren
|
|
# ---------------------------------------------------------------------------
|
|
FROM base AS builder
|
|
WORKDIR /app
|
|
|
|
# Kopiere Workspace-Konfiguration (fuer pnpm Monorepo-Aufloesung)
|
|
COPY package.json pnpm-workspace.yaml pnpm-lock.yaml ./
|
|
|
|
# Kopiere Shared Package (wird vom Frontend als Dependency referenziert)
|
|
COPY packages/ ./packages/
|
|
|
|
# Kopiere Frontend-Quellcode
|
|
COPY apps/web/ ./apps/web/
|
|
|
|
# Installiere alle Dependencies (frozen-lockfile fuer reproduzierbare Builds)
|
|
RUN pnpm install --frozen-lockfile
|
|
|
|
# Baue zuerst das Shared Package (Dependency des Frontends)
|
|
RUN pnpm --filter @tos/shared build
|
|
|
|
# Baue das Frontend (erzeugt .next/standalone dank output: 'standalone')
|
|
RUN pnpm --filter @tos/web build
|
|
|
|
# ---------------------------------------------------------------------------
|
|
# Stage 3: Runner - Schlankes Production Image
|
|
# ---------------------------------------------------------------------------
|
|
FROM base AS runner
|
|
WORKDIR /app
|
|
ENV NODE_ENV=production
|
|
ENV NEXT_TELEMETRY_DISABLED=1
|
|
|
|
# Kopiere Standalone-Output (enthaelt Server + gebundelte Dependencies)
|
|
COPY --from=builder /app/apps/web/.next/standalone ./
|
|
|
|
# Kopiere statische Assets (werden nicht im Standalone-Bundle enthalten)
|
|
COPY --from=builder /app/apps/web/.next/static ./apps/web/.next/static
|
|
|
|
# Kopiere Public-Verzeichnis (Bilder, Fonts, etc.)
|
|
COPY --from=builder /app/apps/web/public ./apps/web/public
|
|
|
|
# Sicherheit: Nicht als root ausfuehren
|
|
USER node
|
|
|
|
EXPOSE 3000
|
|
ENV PORT=3000
|
|
ENV HOSTNAME="0.0.0.0"
|
|
|
|
# Next.js Standalone-Server starten
|
|
CMD ["node", "apps/web/server.js"]
|