Files
Momento/memento-note/Dockerfile
Sepehr Ramezani 97163bfb89
Some checks failed
Deploy to Production / Deploy to 192.168.1.190 (push) Has been cancelled
fix: production deployment hardening
Docker:
- Restrict PostgreSQL port to 127.0.0.1 only (not exposed to LAN)
- Add APP_BASE_URL for MCP server to reach Next.js via Docker network
- Fix MCP healthcheck (remove always-passing fallback)
- Add resource limits to mcp-server container

Dockerfile:
- Remove full node_modules copy (standalone already includes deps)
  Reduces image size by ~500MB+

Config:
- Add MCP_SERVER_MODE and MCP_SERVER_URL to deploy.sh and .env.docker.example
- Deploy script now auto-sets MCP_SERVER_URL based on NEXTAUTH_URL

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-04-21 23:09:22 +02:00

64 lines
1.6 KiB
Docker

# Multi-stage build for Next.js 16 with Webpack + Prisma
# Using Debian 11 (bullseye) for native OpenSSL 1.1.x support
FROM node:22-bullseye-slim AS base
FROM base AS deps
WORKDIR /app
# Install OpenSSL (1.1.x native in Debian 11)
RUN apt-get update && apt-get install -y --no-install-recommends \
openssl \
&& rm -rf /var/lib/apt/lists/*
# Install dependencies
COPY package.json package-lock.json* ./
RUN npm install --legacy-peer-deps
FROM base AS builder
WORKDIR /app
COPY --from=deps /app/node_modules ./node_modules
COPY . .
# Copy Prisma schema and generate client BEFORE Next.js build
COPY prisma ./prisma
RUN npx prisma generate
# Build Next.js with Webpack
ENV NEXT_TELEMETRY_DISABLED=1
RUN npm run build
FROM base AS runner
WORKDIR /app
ENV NODE_ENV=production
ENV NEXT_TELEMETRY_DISABLED=1
RUN addgroup --system --gid 1001 nodejs
RUN adduser --system --uid 1001 nextjs
COPY --from=builder /app/public ./public
COPY --from=builder /app/package.json ./package.json
COPY --from=builder /app/package-lock.json ./package-lock.json
RUN mkdir .next
RUN chown nextjs:nodejs .next
# Copy Next.js standalone output
COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
# Copy Prisma schema, generated client, and Query Engine binaries
COPY --from=builder /app/prisma ./prisma
RUN chown -R nextjs:nodejs /app/prisma
COPY --from=builder --chown=nextjs:nodejs /app/node_modules/.prisma ./node_modules/.prisma
USER nextjs
EXPOSE 3000
ENV PORT=3000
ENV HOSTNAME="0.0.0.0"
CMD ["node", "server.js"]