# Stage 1: Builder FROM node:20-alpine AS builder WORKDIR /app # Install system dependencies RUN apk add --no-cache libc6-compat curl # Clean the workspace in case the base image is dirty RUN rm -rf ./* # Arguments for build-time configuration ARG NEXT_PUBLIC_BASE_URL ARG NEXT_PUBLIC_TARGET ARG DIRECTUS_URL ARG UMAMI_API_ENDPOINT ARG NPM_TOKEN # Environment variables for Next.js build ENV NEXT_PUBLIC_BASE_URL=$NEXT_PUBLIC_BASE_URL ENV NEXT_PUBLIC_TARGET=$NEXT_PUBLIC_TARGET ENV DIRECTUS_URL=$DIRECTUS_URL ENV UMAMI_API_ENDPOINT=$UMAMI_API_ENDPOINT ENV SKIP_RUNTIME_ENV_VALIDATION=true ENV CI=true # Set pnpm home and store directory for caching ENV PNPM_HOME="/pnpm" ENV PATH="$PNPM_HOME:$PATH" RUN mkdir -p /pnpm/store # Enable pnpm RUN corepack enable # Copy workspace files for dependency installation COPY pnpm-lock.yaml pnpm-workspace.yaml package.json .npmrc* ./ COPY apps/web/package.json ./apps/web/package.json # Install dependencies with cache mount RUN --mount=type=cache,id=pnpm,target=/pnpm/store \ --mount=type=secret,id=NPM_TOKEN \ export NPM_TOKEN=$(cat /run/secrets/NPM_TOKEN 2>/dev/null || echo $NPM_TOKEN) && \ pnpm install --frozen-lockfile # Copy source code COPY . . # Build application (monorepo filter) RUN pnpm --filter @mintel/web build # Stage 2: Runner FROM node:20-alpine AS runner WORKDIR /app # Install system dependencies RUN apk add --no-cache libc6-compat curl ENV HOSTNAME="0.0.0.0" ENV PORT=3000 ENV NODE_ENV=production # Create non-root user for security RUN addgroup --system --gid 1001 nodejs && \ adduser --system --uid 1001 nextjs # Copy standalone output and static files (Monorepo paths) COPY --from=builder --chown=nextjs:nodejs /app/apps/web/public ./apps/web/public COPY --from=builder --chown=nextjs:nodejs /app/apps/web/.next/standalone ./ COPY --from=builder --chown=nextjs:nodejs /app/apps/web/.next/static ./apps/web/.next/static COPY --from=builder --chown=nextjs:nodejs /app/apps/web/.next/cache ./apps/web/.next/cache USER nextjs # Start from the app directory to ensure references solve correctly WORKDIR /app/apps/web CMD ["node", "server.js"]