-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
98 lines (76 loc) · 3.1 KB
/
Dockerfile
File metadata and controls
98 lines (76 loc) · 3.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
# Multi-stage Dockerfile to run ASP.NET Core + Next.js in a single container
# Build arguments
ARG KAMAL_DEPLOY_HOST
ARG SERVICESTACK_LICENSE
ARG SERVICE
# 1. Build .NET app + Node.js apps
FROM mcr.microsoft.com/dotnet/sdk:10.0 AS dotnet-build
ARG KAMAL_DEPLOY_HOST
ENV KAMAL_DEPLOY_HOST=${KAMAL_DEPLOY_HOST}
WORKDIR /src
# Install Node.js for building Tailwind CSS and Next.js
RUN apt-get update \
&& apt-get install -y curl ca-certificates gnupg \
&& curl -fsSL https://deb.nodesource.com/setup_24.x | bash - \
&& apt-get install -y nodejs \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Copy solution and projects
COPY TechStacks.slnx ./
COPY TechStacks ./TechStacks
COPY TechStacks.ServiceInterface ./TechStacks.ServiceInterface
COPY TechStacks.ServiceModel ./TechStacks.ServiceModel
# Build Tailwind CSS for .NET project
WORKDIR /src/TechStacks
# Download tailwindcss binary directly (avoiding sudo requirement in postinstall.js)
RUN curl -sL https://github.com/tailwindlabs/tailwindcss/releases/latest/download/tailwindcss-linux-x64 \
-o /usr/local/bin/tailwindcss \
&& chmod +x /usr/local/bin/tailwindcss
RUN npm run ui:build
# Build Next.js app
WORKDIR /src/TechStacks.Client
COPY TechStacks.Client/package*.json TechStacks.Client/postinstall.mjs ./
RUN npm ci
COPY TechStacks.Client/ ./
RUN npm run build
# Restore and publish .NET app
WORKDIR /src
RUN dotnet restore TechStacks/TechStacks.csproj
# Disable .NET's built-in containerization (PublishProfile=DefaultContainer) inside Docker
RUN dotnet publish TechStacks/TechStacks.csproj -c Release --no-restore -p:PublishProfile=
# 2. Runtime image with .NET + Node
FROM mcr.microsoft.com/dotnet/aspnet:10.0 AS final
ARG SERVICESTACK_LICENSE
ARG SERVICE
ARG KAMAL_DEPLOY_HOST
WORKDIR /app
# Label required by Kamal, must match config/deploy.yml service
LABEL service="${SERVICE}"
# Install Node.js >= 20.9 (Node 24.x LTS) and bash for the entrypoint script
RUN apt-get update \
&& apt-get install -y curl ca-certificates gnupg bash \
&& curl -fsSL https://deb.nodesource.com/setup_24.x | bash - \
&& apt-get install -y nodejs \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Create unprivileged user for Next.js
RUN groupadd -r nextjs && useradd -r -g nextjs -s /bin/bash nextjs
# Copy published .NET app (owned by root, no access for nextjs user)
COPY --from=dotnet-build /src/TechStacks/bin/Release/net10.0/publish ./dotnet
RUN chmod -R 700 ./dotnet && chown -R root:root ./dotnet
# Copy built Next.js app (owned by nextjs user, read-only)
COPY --from=dotnet-build /src/TechStacks.Client ./nextjs
RUN chown -R nextjs:nextjs ./nextjs && chmod -R 500 ./nextjs
# Create /tmp directory accessible to nextjs user
RUN mkdir -p /tmp && chmod 1777 /tmp
ENV ASPNETCORE_URLS=http://0.0.0.0:8080 \
INTERNAL_API_URL=http://127.0.0.1:8080 \
NEXT_PORT=3000 \
NODE_ENV=production \
SERVICESTACK_LICENSE=$SERVICESTACK_LICENSE \
KAMAL_DEPLOY_HOST=$KAMAL_DEPLOY_HOST
EXPOSE 8080
# Copy entrypoint script
COPY entrypoint.sh /app/entrypoint.sh
RUN chmod +x /app/entrypoint.sh
ENTRYPOINT ["/usr/bin/env", "bash", "/app/entrypoint.sh"]