| FROM node:20-slim AS builder |
|
|
| USER root |
|
|
| RUN apt-get update && apt-get install -y git && rm -rf /var/lib/apt/lists/* |
|
|
| WORKDIR /app |
|
|
| RUN git clone https://github.com/CorentinTh/enclosed |
|
|
| WORKDIR /app/enclosed |
|
|
| RUN npm install -g pnpm --ignore-scripts && \ |
| pnpm install --frozen-lockfile --ignore-scripts |
|
|
| RUN pnpm --filter @enclosed/crypto run build && \ |
| pnpm --filter @enclosed/lib run build && \ |
| pnpm --filter @enclosed/app-client run build && \ |
| pnpm --filter @enclosed/app-server run build:node |
|
|
| FROM node:20-slim |
|
|
| RUN apt-get update && apt-get install -y \ |
| git \ |
| git-lfs \ |
| bash \ |
| curl \ |
| wget \ |
| procps && rm -rf /var/lib/apt/lists/* |
|
|
| WORKDIR /app |
|
|
| RUN chown -R 1000 /app |
| COPY --chown=1000 sync-notes.js ./ |
| COPY --chown=1000 ecosystem.config.js ./ |
|
|
| RUN npm install -g pm2 && \ |
| npm install node-cron |
|
|
| COPY --from=builder /app/enclosed/packages/app-client/dist ./public |
| COPY --from=builder /app/enclosed/packages/app-server/dist-node/index.cjs ./index.cjs |
|
|
| RUN --mount=type=secret,id=DATA_REPO,mode=0444,required=true \ |
| git clone $(cat /run/secrets/DATA_REPO) ./.data |
|
|
| WORKDIR /app/.data |
|
|
| RUN --mount=type=secret,id=GIT_USERNAME,mode=0444,required=true \ |
| git config user.name $(cat /run/secrets/GIT_USERNAME) |
| |
| RUN --mount=type=secret,id=GIT_EMAIL,mode=0444,required=true \ |
| git config user.email $(cat /run/secrets/GIT_EMAIL) |
|
|
| WORKDIR /app |
|
|
| RUN chown -R 1000 /app/.data |
| RUN chmod 777 /app/.data |
|
|
| USER 1000 |
|
|
| EXPOSE 8787 |
|
|
| CMD ["/bin/sh", "-c", "cd .data; git pull; cd ..; pm2-runtime ecosystem.config.js"] |
