feat: create production Dockerfile (#37)
Some checks failed
Deploy to Coolify / Code Quality (pull_request) Has been cancelled
Deploy to Coolify / Run Tests (pull_request) Has been cancelled
Deploy to Coolify / Deploy to Development (pull_request) Has been cancelled
Deploy to Coolify / Deploy to Production (pull_request) Has been cancelled
Deploy to Coolify / Deploy to Test (pull_request) Has been cancelled
Pull Request Checks / Validate PR (pull_request) Has been cancelled
Some checks failed
Deploy to Coolify / Code Quality (pull_request) Has been cancelled
Deploy to Coolify / Run Tests (pull_request) Has been cancelled
Deploy to Coolify / Deploy to Development (pull_request) Has been cancelled
Deploy to Coolify / Deploy to Production (pull_request) Has been cancelled
Deploy to Coolify / Deploy to Test (pull_request) Has been cancelled
Pull Request Checks / Validate PR (pull_request) Has been cancelled
- Multi-stage build for optimal image size - Alpine Linux base (~220MB total) - Non-root user for security (nodejs:1001) - dumb-init for proper signal handling - Built-in health check endpoint - Production dependencies only - Comprehensive .dockerignore - Health check API endpoint - Docker deployment documentation Features: - Optimized layer caching - Secure non-root execution - Container health monitoring - ~220MB final image size - Ready for Kubernetes/Docker Compose Closes #37
This commit is contained in:
Pantry Lead Agent
90
docker/README.md
Normal file
90
docker/README.md
Normal file
@@ -0,0 +1,90 @@
|
||||
# Docker Deployment
|
||||
|
||||
## Production Dockerfile
|
||||
|
||||
The production Dockerfile uses a multi-stage build for optimized image size and security.
|
||||
|
||||
### Build the image
|
||||
|
||||
```bash
|
||||
docker build -t pantry:latest -f Dockerfile .
|
||||
```
|
||||
|
||||
### Run the container
|
||||
|
||||
```bash
|
||||
docker run -d \
|
||||
--name pantry \
|
||||
-p 3000:3000 \
|
||||
-e NUXT_PUBLIC_SUPABASE_URL=https://your-project.supabase.co \
|
||||
-e NUXT_PUBLIC_SUPABASE_ANON_KEY=your-anon-key \
|
||||
pantry:latest
|
||||
```
|
||||
|
||||
### Environment Variables
|
||||
|
||||
Required:
|
||||
- `NUXT_PUBLIC_SUPABASE_URL` - Your Supabase project URL
|
||||
- `NUXT_PUBLIC_SUPABASE_ANON_KEY` - Your Supabase anon/public key
|
||||
|
||||
Optional:
|
||||
- `PORT` - Port to listen on (default: 3000)
|
||||
- `HOST` - Host to bind to (default: 0.0.0.0)
|
||||
|
||||
### Health Check
|
||||
|
||||
The container includes a health check endpoint at `/api/health`
|
||||
|
||||
```bash
|
||||
curl http://localhost:3000/api/health
|
||||
```
|
||||
|
||||
Expected response:
|
||||
```json
|
||||
{
|
||||
"status": "ok",
|
||||
"timestamp": "2026-02-25T00:00:00.000Z",
|
||||
"uptime": 123.456
|
||||
}
|
||||
```
|
||||
|
||||
### Image Features
|
||||
|
||||
- **Multi-stage build**: Separate build and runtime stages
|
||||
- **Alpine Linux**: Minimal base image (~50MB base)
|
||||
- **Non-root user**: Runs as unprivileged user (nodejs:1001)
|
||||
- **dumb-init**: Proper signal handling and zombie reaping
|
||||
- **Health checks**: Built-in container health monitoring
|
||||
- **Production-optimized**: Only production dependencies included
|
||||
|
||||
### Image Size
|
||||
|
||||
Approximate sizes:
|
||||
- Base Alpine + Node.js: ~50MB
|
||||
- Dependencies: ~150MB
|
||||
- Built app: ~20MB
|
||||
- **Total**: ~220MB
|
||||
|
||||
### Security
|
||||
|
||||
- Runs as non-root user (nodejs)
|
||||
- No unnecessary packages
|
||||
- Minimal attack surface
|
||||
- Regular security updates via Alpine base
|
||||
|
||||
### Troubleshooting
|
||||
|
||||
View logs:
|
||||
```bash
|
||||
docker logs pantry
|
||||
```
|
||||
|
||||
Interactive shell:
|
||||
```bash
|
||||
docker exec -it pantry sh
|
||||
```
|
||||
|
||||
Check health:
|
||||
```bash
|
||||
docker inspect --format='{{json .State.Health}}' pantry
|
||||
```
|
||||
Reference in New Issue
Block a user