-
Notifications
You must be signed in to change notification settings - Fork 3
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
beede9f
commit 49542d9
Showing
1 changed file
with
54 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,54 @@ | ||
| # Stage 1: Build the application | ||
| FROM node:18-slim as builder | ||
|
|
||
| LABEL org.opencontainers.image.title="AuthCompanion" | ||
| LABEL org.opencontainers.image.version="3.0.0-beta.21" | ||
| LABEL org.opencontainers.image.description="An admin-friendly, User Management Server (with Passkeys & JWTs) - for seamless and secure integration of user authentication" | ||
| LABEL org.opencontainers.image.authors="Paul Fischer" | ||
| LABEL org.opencontainers.image.source=https://github.com/authcompanion/authcompanion2 | ||
|
|
||
| # update packages, to reduce the risk of vulnerabilities | ||
| RUN apt-get update && apt-get upgrade -y && apt-get autoclean -y && apt-get autoremove -y | ||
|
|
||
| # set a non-privileged user to use when running this image | ||
| RUN groupadd -r nodejs && useradd -g nodejs -s /bin/bash -d /home/nodejs -m nodejs | ||
| USER nodejs | ||
| # set the right (secure) folder permissions | ||
| RUN mkdir -p /home/nodejs/app/node_modules /home/nodejs/app/authdata && chown -R nodejs:nodejs /home/nodejs/app | ||
|
|
||
| WORKDIR /home/nodejs/app | ||
|
|
||
| # set default node env | ||
| ARG NODE_ENV=production | ||
| ENV NODE_ENV=${NODE_ENV} | ||
|
|
||
| ENV NPM_CONFIG_LOGLEVEL=warn | ||
|
|
||
| # copy project definition/dependencies files, for better reuse of layers | ||
| COPY --chown=nodejs:nodejs package*.json ./ | ||
|
|
||
| # install dependencies here, for better reuse of layers | ||
| RUN npm install | ||
|
|
||
| # copy all sources in the container (exclusions in .dockerignore file) | ||
| COPY --chown=nodejs:nodejs . . | ||
|
|
||
| # Stage 2: Create a minimal image for ARM64v8 | ||
| FROM arm64v8/node:18-slim | ||
|
|
||
| WORKDIR /home/nodejs/app | ||
|
|
||
| # Copy the application files from the builder stage | ||
| COPY --from=builder /home/nodejs/app . | ||
|
|
||
| # Exposed port/s | ||
| EXPOSE 3002 | ||
|
|
||
| # Add an healthcheck, useful | ||
| # Healthcheck with curl, but not recommended | ||
| # HEALTHCHECK CMD curl --fail http://localhost:8000/health || exit 1 | ||
| # Healthcheck by calling the additional script exposed by the plugin | ||
| # HEALTHCHECK --interval=30s --timeout=10s --start-period=5s CMD npm run healthcheck-manual | ||
|
|
||
| # Entrypoint and command | ||
| CMD [ "node", "server.js" ] |