From 20e14d3a286c082cb0274174e79c07df0fdd3526 Mon Sep 17 00:00:00 2001 From: "soroush.asadi" Date: Sun, 31 May 2026 14:46:05 +0330 Subject: [PATCH] Fix base image: use mirror direct path, switch to node:20-alpine Mirror exposes images as mirror.soroushasadi.com/ directly, not via /repository/docker-group/ path. Also node:20-alpine is already cached on the server; node:20-slim was never pulled. Dockerfile: apk instead of apt-get, addgroup/adduser instead of groupadd/useradd (Alpine BusyBox compatibility). Co-Authored-By: Claude Sonnet 4.6 --- .gitea/workflows/ci.yml | 2 +- .gitea/workflows/deploy.yml | 2 +- Dockerfile | 17 ++++++----------- docker-compose.yml | 2 +- 4 files changed, 9 insertions(+), 14 deletions(-) diff --git a/.gitea/workflows/ci.yml b/.gitea/workflows/ci.yml index 7280ff4..20d8780 100644 --- a/.gitea/workflows/ci.yml +++ b/.gitea/workflows/ci.yml @@ -30,7 +30,7 @@ jobs: - name: Docker Build Test env: - NODE_IMAGE: mirror.soroushasadi.com/repository/docker-group/node:20-slim + NODE_IMAGE: mirror.soroushasadi.com/node:20-alpine NPM_TOKEN: ${{ secrets.NPM_TOKEN }} run: | docker build \ diff --git a/.gitea/workflows/deploy.yml b/.gitea/workflows/deploy.yml index 350b427..4651094 100644 --- a/.gitea/workflows/deploy.yml +++ b/.gitea/workflows/deploy.yml @@ -41,7 +41,7 @@ jobs: - name: Build Container env: - NODE_IMAGE: mirror.soroushasadi.com/repository/docker-group/node:20-slim + NODE_IMAGE: mirror.soroushasadi.com/node:20-alpine run: | docker compose build diff --git a/Dockerfile b/Dockerfile index de92517..1cfc5cb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,19 +1,14 @@ -# All base images flow through the Nexus docker-group proxy, which aggregates -# Docker Hub, Microsoft Container Registry (mcr.microsoft.com) and GitHub -# Container Registry (ghcr.io) behind one path — any upstream image is reachable -# as mirror.soroushasadi.com/repository/docker-group/. -# Build directly against Docker Hub instead with: -# --build-arg NODE_IMAGE=node:20-slim -ARG NODE_IMAGE=mirror.soroushasadi.com/repository/docker-group/node:20-slim +# Base image pulled from the Nexus mirror (direct path, no /repository/ prefix). +# Override for a local build: --build-arg NODE_IMAGE=node:20-alpine +ARG NODE_IMAGE=mirror.soroushasadi.com/node:20-alpine + # --------------------------------------------------------------------------- # 1. Dependencies — installs node_modules and compiles the better-sqlite3 # native addon (needs python3 + a C++ toolchain). # --------------------------------------------------------------------------- FROM ${NODE_IMAGE} AS deps WORKDIR /app -RUN apt-get update \ - && apt-get install -y --no-install-recommends python3 make g++ ca-certificates \ - && rm -rf /var/lib/apt/lists/* +RUN apk add --no-cache python3 make g++ ca-certificates # .npmrc points npm at the Nexus npm-group; NPM_TOKEN (optional) authenticates. # The token is appended at build time only — never reaches the runner image. ARG NPM_TOKEN="" @@ -45,7 +40,7 @@ ENV NODE_ENV=production \ HOSTNAME=0.0.0.0 \ DATA_DIR=/data -RUN groupadd -g 1001 nodejs && useradd -u 1001 -g nodejs -m nextjs +RUN addgroup -g 1001 nodejs && adduser -u 1001 -G nodejs -h /home/nextjs -D nextjs # Standalone server, static assets, and the public/ tree (portfolio art etc.). COPY --from=builder /app/.next/standalone ./ diff --git a/docker-compose.yml b/docker-compose.yml index afcf3e0..dc8f1d6 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -6,7 +6,7 @@ services: context: . dockerfile: Dockerfile args: - NODE_IMAGE: ${NODE_IMAGE:-mirror.soroushasadi.com/repository/docker-group/node:20-slim} + NODE_IMAGE: ${NODE_IMAGE:-mirror.soroushasadi.com/node:20-alpine} NPM_TOKEN: ${NPM_TOKEN:-} image: soroushasadi-site:latest container_name: soroushasadi-site