chore: dockerize Next.js app (multi-stage build, standalone output)

- Dockerfile: 3-stage build (deps → builder → runner) using node:20-alpine - .dockerignore: excludes node_modules, .next, secrets, graphify-out - docker-compose.yml: runtime secrets via env, build-time NEXT_PUBLIC_* via args - Render worker service pre-wired (commented out, opt-in)
2026-05-27 10:17:07 +03:30
parent 36e264f3e3
commit 53ea78a00d
3 changed files with 151 additions and 0 deletions
@@ -0,0 +1,55 @@
+services:
+
+  # ── Next.js app ─────────────────────────────────────────────────────────────
+  flatrender:
+    build:
+      context: .
+      dockerfile: Dockerfile
+      args:
+        # NEXT_PUBLIC_* must be available at BUILD time (embedded in JS bundle).
+        # Supply them here or via a .env file next to docker-compose.yml.
+        NEXT_PUBLIC_SUPABASE_URL:         ${NEXT_PUBLIC_SUPABASE_URL}
+        NEXT_PUBLIC_SUPABASE_ANON_KEY:    ${NEXT_PUBLIC_SUPABASE_ANON_KEY}
+        NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY: ${NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY:-}
+        NEXT_PUBLIC_SITE_URL:             ${NEXT_PUBLIC_SITE_URL:-https://flatrender.com}
+    container_name: flatrender
+    restart: unless-stopped
+    ports:
+      - "3000:3000"
+    environment:
+      NODE_ENV: production
+
+      # ── Server-side secrets (runtime only, never in image) ───────────────
+      SUPABASE_SERVICE_ROLE_KEY:      ${SUPABASE_SERVICE_ROLE_KEY}
+      STRIPE_SECRET_KEY:              ${STRIPE_SECRET_KEY:-}
+      STRIPE_WEBHOOK_SECRET:          ${STRIPE_WEBHOOK_SECRET:-}
+      STRIPE_PRICE_PRO_MONTHLY:       ${STRIPE_PRICE_PRO_MONTHLY:-}
+      STRIPE_PRICE_PRO_ANNUAL:        ${STRIPE_PRICE_PRO_ANNUAL:-}
+      STRIPE_PRICE_BUSINESS_MONTHLY:  ${STRIPE_PRICE_BUSINESS_MONTHLY:-}
+      STRIPE_PRICE_BUSINESS_ANNUAL:   ${STRIPE_PRICE_BUSINESS_ANNUAL:-}
+
+      # ── Optional integrations ─────────────────────────────────────────────
+      # Point to admin-api container if running together
+      ADMIN_API_URL:                  ${ADMIN_API_URL:-http://flatrender-api:5000}
+      REMOVE_BG_API_KEY:              ${REMOVE_BG_API_KEY:-}
+      REMBG_SERVICE_URL:              ${REMBG_SERVICE_URL:-}
+
+      # ── Render worker (optional) ──────────────────────────────────────────
+      RENDER_WORKER_URL:              ${RENDER_WORKER_URL:-http://render-worker:3355}
+      RENDER_WORKER_SECRET:           ${RENDER_WORKER_SECRET:-}
+      RENDER_MOCK:                    ${RENDER_MOCK:-true}
+    depends_on: []
+
+  # ── Render worker (optional, uncomment if using nexrender) ──────────────────
+  # render-worker:
+  #   build:
+  #     context: .
+  #     dockerfile: Dockerfile.worker
+  #   container_name: flatrender-worker
+  #   restart: unless-stopped
+  #   ports:
+  #     - "3355:3355"
+  #   environment:
+  #     RENDER_WORKER_PORT: 3355
+  #     RENDER_WORKER_SECRET: ${RENDER_WORKER_SECRET:-}
+  #     NEXRENDER_BINARY: ${NEXRENDER_BINARY:-}