# ============================================ # Base stage for shared configuration # ============================================ FROM node:20.11-alpine3.19 AS base # Configure build environment with optimized settings ENV NODE_OPTIONS="--max_old_space_size=3072" \ NEXT_TELEMETRY_DISABLED=1 \ NODE_ENV=production \ PYTHONDONTWRITEBYTECODE=1 \ TZ=UTC # Install base dependencies RUN apk add --no-cache tzdata && \ ln -s /usr/share/zoneinfo/${TZ} /etc/localtime && \ echo ${TZ} > /etc/timezone # ============================================ # Web builder stage # ============================================ FROM base AS web-builder WORKDIR /app/web # Copy package files first COPY web/package.json web/yarn.lock ./ # Install dependencies RUN yarn install --frozen-lockfile --production=false # Copy web source COPY web/ . # Build with standalone output RUN yarn build # ============================================ # Python builder stage # ============================================ FROM python:3.10-slim-bookworm AS python-builder # Install build dependencies RUN apt-get update && \ apt-get install -y --no-install-recommends \ gcc g++ libc-dev libffi-dev \ libgmp-dev libmpfr-dev libmpc-dev \ && rm -rf /var/lib/apt/lists/* WORKDIR /app/api # Install poetry with specific version ENV POETRY_VERSION=1.8.3 RUN pip install --no-cache-dir poetry==${POETRY_VERSION} # Configure Poetry ENV POETRY_CACHE_DIR=/tmp/poetry_cache \ POETRY_NO_INTERACTION=1 \ POETRY_VIRTUALENVS_IN_PROJECT=true \ POETRY_VIRTUALENVS_CREATE=true \ POETRY_REQUESTS_TIMEOUT=15 # Copy and install Python dependencies COPY api/pyproject.toml api/poetry.lock ./ RUN poetry install --sync --no-cache --no-root # ============================================ # Final stage # ============================================ FROM python:3.10-slim-bookworm # Create non-root user RUN useradd -m -u 1000 user # Install runtime dependencies RUN apt-get update && \ apt-get install -y --no-install-recommends \ curl nodejs npm libgmp-dev libmpfr-dev libmpc-dev \ && echo "deb http://deb.debian.org/debian testing main" > /etc/apt/sources.list \ && apt-get update \ && apt-get install -y --no-install-recommends \ expat=2.6.3-2 libldap-2.5-0=2.5.18+dfsg-3+b1 \ perl=5.40.0-6 libsqlite3-0=3.46.1-1 \ zlib1g=1:1.3.dfsg+really1.3.1-1+b1 \ fonts-noto-cjk \ && apt-get autoremove -y \ && rm -rf /var/lib/apt/lists/* # Set up directory structure WORKDIR /app RUN mkdir -p api web && chown -R user:user /app # Copy Python environment ENV VIRTUAL_ENV=/app/api/.venv COPY --from=python-builder /app/api/.venv ${VIRTUAL_ENV} ENV PATH="${VIRTUAL_ENV}/bin:${PATH}" # Download NLTK data RUN python -c "import nltk; nltk.download('punkt'); nltk.download('averaged_perceptron_tagger')" # Copy application files COPY --chown=user api/ /app/api/ COPY --from=web-builder --chown=user /app/web/.next/standalone /app/web COPY --from=web-builder --chown=user /app/web/.next/static /app/web/.next/static COPY --from=web-builder --chown=user /app/web/public /app/web/public # Set environment variables ENV FLASK_APP=app.py \ EDITION=SELF_HOSTED \ DEPLOY_ENV=PRODUCTION \ CONSOLE_API_URL=http://127.0.0.1:7860 \ CONSOLE_WEB_URL=http://127.0.0.1:3000 \ SERVICE_API_URL=http://127.0.0.1:7860 \ APP_WEB_URL=http://127.0.0.1:3000 \ NODE_ENV=production \ HOME=/app \ PATH="/usr/local/bin:${PATH}" \ PYTHONPATH=/app/api \ MAIL_TYPE=resend \ MAIL_RESEND_API_KEY=null \ TZ=UTC USER user EXPOSE 7860 3000 # Copy and setup entrypoint COPY --chown=user docker/entrypoint.sh /app/entrypoint.sh RUN chmod +x /app/entrypoint.sh WORKDIR /app HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 \ CMD curl -f http://localhost:7860/health || exit 1 CMD ["./entrypoint.sh"]