-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Dockerfile
81 lines (58 loc) · 1.94 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
ARG USE_OLLAMA=false
ARG USE_EMBEDDING_MODEL=sentence-transformers/all-MiniLM-L6-v2
ARG USE_RERANKING_MODEL=""
ARG BUILD_HASH=dev-build
ARG UID=0
ARG GID=0
FROM --platform=$BUILDPLATFORM node:21-alpine3.19 as build
ARG BUILD_HASH
WORKDIR /app
COPY package.json package-lock.json ./
RUN npm ci
COPY . .
ENV APP_BUILD_HASH=$BUILD_HASH
RUN npm run build
FROM python:3.11-slim-bookworm as base
ARG UID=0
ARG GID=0
ARG SECRET_KEY=""
## Basis ##
ENV ENV=production \
PORT=7080 \
PIP_NO_CACHE_DIR=off \
PIP_DISABLE_PIP_VERSION_CHECK=on \
PIP_DEFAULT_TIMEOUT=100 \
TPNEWSLETTER_SECRET_KEY=${SECRET_KEY:-"$(openssl rand -hex 32)"}
WORKDIR /app/backend
ENV HOME /root
# Create user and group if not root
RUN if [ $UID -ne 0 ]; then \
if [ $GID -ne 0 ]; then \
addgroup --gid $GID app; \
fi; \
adduser --uid $UID --gid $GID --home $HOME --disabled-password --no-create-home app; \
fi
RUN chown -R $UID:$GID /app $HOME
COPY --chown=$UID:$GID ./backend/requirements.txt ./requirements.txt
RUN apt-get update && \
apt-get install -y --no-install-recommends git build-essential pandoc netcat-openbsd curl && \
apt-get install -y --no-install-recommends gcc python3-dev && \
apt-get install -y --no-install-recommends curl jq && \
# clean up
rm -rf /var/lib/apt/lists/*
RUN pip3 install uv && \
uv pip install --system -r requirements.txt --no-cache-dir && \
chown -R $UID:$GID /app/backend/data
# copy built frontend files
COPY --chown=$UID:$GID --from=build /app/build /app/build
COPY --chown=$UID:$GID --from=build /app/CHANGELOG.md /app/CHANGELOG.md
COPY --chown=$UID:$GID --from=build /app/package.json /app/package.json
# copy backend files
COPY --chown=$UID:$GID ./backend .
EXPOSE 7080
HEALTHCHECK CMD curl --silent --fail http://localhost:${PORT:-7080}/health | jq -ne 'input.status == true' || exit 1
USER $UID:$GID
ARG BUILD_HASH
ENV BACKEND_BUILD_VERSION=${BUILD_HASH}
ENV DOCKER true
CMD [ "bash", "start.sh" ]