|
|
@@ -0,0 +1,55 @@
|
|
|
+---
|
|
|
+name: Basic Web App Dockerfile
|
|
|
+description: Multi-stage Dockerfile for Node.js web applications with security best practices
|
|
|
+author: xcad (Christian Lempa)
|
|
|
+date: 2025-08-29
|
|
|
+module: docker
|
|
|
+files:
|
|
|
+ - .dockerignore
|
|
|
+ - docker-compose.yml
|
|
|
+---
|
|
|
+# Multi-stage build for Node.js application
|
|
|
+FROM node:18-alpine AS builder
|
|
|
+
|
|
|
+# Set working directory
|
|
|
+WORKDIR /app
|
|
|
+
|
|
|
+# Copy package files
|
|
|
+COPY package*.json ./
|
|
|
+
|
|
|
+# Install dependencies
|
|
|
+RUN npm ci --only=production
|
|
|
+
|
|
|
+# Copy source code
|
|
|
+COPY . .
|
|
|
+
|
|
|
+# Build application
|
|
|
+RUN npm run build
|
|
|
+
|
|
|
+# Production stage
|
|
|
+FROM node:18-alpine AS production
|
|
|
+
|
|
|
+# Create non-root user
|
|
|
+RUN addgroup -g 1001 -S nodejs && \
|
|
|
+ adduser -S nextjs -u 1001
|
|
|
+
|
|
|
+# Set working directory
|
|
|
+WORKDIR /app
|
|
|
+
|
|
|
+# Copy built application from builder stage
|
|
|
+COPY --from=builder --chown=nextjs:nodejs /app/dist ./dist
|
|
|
+COPY --from=builder --chown=nextjs:nodejs /app/node_modules ./node_modules
|
|
|
+COPY --from=builder --chown=nextjs:nodejs /app/package.json ./package.json
|
|
|
+
|
|
|
+# Switch to non-root user
|
|
|
+USER nextjs
|
|
|
+
|
|
|
+# Expose port
|
|
|
+EXPOSE 3000
|
|
|
+
|
|
|
+# Health check
|
|
|
+HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
|
|
|
+ CMD curl -f http://localhost:3000/health || exit 1
|
|
|
+
|
|
|
+# Start application
|
|
|
+CMD ["npm", "start"]
|
xcad