soroushdes/HokmPlay
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix Docker build/runtime: 0.0.0.0 bind, npm ci, HTTP-mirror fallback
CI/CD / CI - API (dotnet build + engine sim) (push) Failing after 1m40s
Details
CI/CD / CI - Web (tsc + next build) (push) Failing after 1m31s
Details
CI/CD / Deploy - local stack (db + server + web) (push) Has been skipped
Details

Browse Source 
Issues found bringing the stack up locally and fixed:
- Server was loopback-only inside the container (appsettings "Urls=localhost"
  wins over ASPNETCORE_URLS) → published port returned "empty reply". Force the
  bind with command-line args: ENTRYPOINT dotnet Hokm.Server.dll --urls 0.0.0.0:5005.
- Web image: npm install crashed on alpine ("Exit handler never called"); root
  cause was UNABLE_TO_GET_ISSUER_CERT_LOCALLY — the Nexus mirror serves a partial
  chain that Node's CA bundle can't complete. Use npm ci + strict-ssl=false.
- .NET restore hit the same partial chain (NU1301 PartialChain). Both registries
  are now build ARGs (NUGET_INDEX / NPM_REGISTRY) defaulting to the HTTPS mirror
  (CI runner trusts it); local .env overrides to the plain-HTTP Nexus
  (http://171.22.25.73:8081) which has no TLS. NuGet feed is generated inline with
  allowInsecureConnections so .NET 10 accepts the HTTP source.

Verified on local Docker (Postgres-backed): db+server+web all healthy; API + web
reachable from host on 1505/1500; auth → profile (1000 coins) → friend add/accept
(bidirectional) → chat (unread) all 200; rows persisted in Postgres
(Profiles=2, Friends=2, Messages=1).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
This commit is contained in:
soroush.asadi
2026-06-04 19:59:27 +03:30
parent 89d42184a1
commit fde8b93206
5 changed files with 38 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/Dockerfile
+22 -4
View File
@@ -2,7 +2,23 @@
# Build context = ./server (so Hokm.Engine + Hokm.Server are both in scope)
FROM mirror.soroushasadi.com/dotnet/sdk:10.0 AS build
WORKDIR /src
COPY nuget.docker.config /tmp/nuget.config
# NuGet feed. Default = HTTPS Nexus (CI runner trusts the cert). Override with
# NUGET_INDEX=http://<nexus-ip>:8081/repository/nuget-group/index.json for hosts
# whose trust store lacks the mirror's intermediate (PartialChain) — e.g. local
# Docker Desktop. allowInsecureConnections lets .NET 10 use the HTTP feed.
ARG NUGET_INDEX=https://mirror.soroushasadi.com/repository/nuget-group/index.json
RUN printf '%s\n' \
'<?xml version="1.0" encoding="utf-8"?>' \
'<configuration>' \
' <packageSources>' \
' <clear />' \
" <add key=\"nexus\" value=\"${NUGET_INDEX}\" protocolVersion=\"3\" allowInsecureConnections=\"true\" />" \
' </packageSources>' \
' <config>' \
' <add key="http_retry_count" value="8" />' \
' <add key="http_retry_delay_milliseconds" value="1000" />' \
' </config>' \
'</configuration>' > /tmp/nuget.config
COPY Directory.Build.props ./
COPY src/ ./src/
RUN dotnet restore src/Hokm.Server/Hokm.Server.csproj --configfile /tmp/nuget.config
@@ -13,9 +29,11 @@ WORKDIR /app
# aspnet image ships no wget/curl — borrow busybox so the healthcheck has wget.
COPY --from=mirror.soroushasadi.com/busybox:1.36 /bin/busybox /usr/bin/wget
COPY --from=build /out ./
# Bind all interfaces (appsettings binds localhost only, unreachable across the port map).
ENV ASPNETCORE_URLS=http://0.0.0.0:5005
# Bind all interfaces. appsettings.json pins "Urls=http://localhost:5005" (dev),
# which wins over ASPNETCORE_URLS — so force 0.0.0.0 via command-line args, which
# have the highest config precedence. Otherwise the server is loopback-only inside
# the container and the published port returns "empty reply".
EXPOSE 5005
HEALTHCHECK --interval=10s --timeout=5s --retries=12 --start-period=20s \
CMD wget -q -O- http://127.0.0.1:5005/ || exit 1
ENTRYPOINT ["dotnet", "Hokm.Server.dll"]
ENTRYPOINT ["dotnet", "Hokm.Server.dll", "--urls", "http://0.0.0.0:5005"]