soroushdes/flatrender
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: dockerize Next.js app (multi-stage build, standalone output)

Browse Source 
- Dockerfile: 3-stage build (deps → builder → runner) using node:20-alpine
- .dockerignore: excludes node_modules, .next, secrets, graphify-out
- docker-compose.yml: runtime secrets via env, build-time NEXT_PUBLIC_* via args
- Render worker service pre-wired (commented out, opt-in)
This commit is contained in:
Soroush.Asadi
2026-05-27 10:17:07 +03:30
parent 36e264f3e3
commit 53ea78a00d
3 changed files with 151 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Dockerfile
+62
View File
@@ -0,0 +1,62 @@
# ── Stage 1: install dependencies ────────────────────────────────────────────
FROM node:20-alpine AS deps
RUN apk add --no-cache libc6-compat
WORKDIR /app
COPY package.json package-lock.json* ./
RUN npm ci
# ── Stage 2: build ───────────────────────────────────────────────────────────
FROM node:20-alpine AS builder
WORKDIR /app
COPY --from=deps /app/node_modules ./node_modules
COPY . .
# NEXT_PUBLIC_* vars are embedded at build time — pass them as build args.
# Server-side secrets (STRIPE_SECRET_KEY, SUPABASE_SERVICE_ROLE_KEY, etc.)
# are injected at runtime via env / docker-compose and never baked into the image.
ARG NEXT_PUBLIC_SUPABASE_URL
ARG NEXT_PUBLIC_SUPABASE_ANON_KEY
ARG NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY
ARG NEXT_PUBLIC_SITE_URL=http://localhost:3000
ENV NEXT_PUBLIC_SUPABASE_URL=$NEXT_PUBLIC_SUPABASE_URL
ENV NEXT_PUBLIC_SUPABASE_ANON_KEY=$NEXT_PUBLIC_SUPABASE_ANON_KEY
ENV NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=$NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY
ENV NEXT_PUBLIC_SITE_URL=$NEXT_PUBLIC_SITE_URL
ENV NEXT_TELEMETRY_DISABLED=1
ENV NODE_ENV=production
RUN npm run build
# ── Stage 3: production runner ────────────────────────────────────────────────
FROM node:20-alpine AS runner
WORKDIR /app
ENV NODE_ENV=production
ENV NEXT_TELEMETRY_DISABLED=1
# Create a non-root user (security best practice)
RUN addgroup --system --gid 1001 nodejs \
&& adduser --system --uid 1001 nextjs
# Copy public assets
COPY --from=builder /app/public ./public
# standalone output: server.js + chunk bundles (no full node_modules)
COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
# Prepare prerender cache dir with correct ownership
RUN mkdir -p .next && chown nextjs:nodejs .next
USER nextjs
EXPOSE 3000
ENV PORT=3000
ENV HOSTNAME=0.0.0.0
# Next.js standalone entry point
CMD ["node", "server.js"]