diff --git a/docker/prod/Dockerfile b/docker/prod/Dockerfile index e39b5606a..74c1e196b 100644 --- a/docker/prod/Dockerfile +++ b/docker/prod/Dockerfile @@ -8,14 +8,18 @@ ARG CLOUDFLARED_VERSION=2024.11.0 # https://www.postgresql.org/support/versioning/ - Can not updated automatically so keep it at 15 ARG POSTGRES_VERSION=15 - +# ================================================================= +# Stage 1: Composer dependencies +# ================================================================= FROM serversideup/php:${SERVERSIDEUP_PHP_VERSION} AS base WORKDIR /var/www/html COPY --chown=www-data:www-data composer.json composer.lock ./ RUN composer install --no-dev --no-interaction --no-plugins --no-scripts --prefer-dist - +# ================================================================= +# Stage 2: Frontend assets compilation +# ================================================================= FROM node:20-alpine AS static-assets WORKDIR /app @@ -24,8 +28,14 @@ COPY public ./public COPY resources ./resources RUN npm ci && npm run build +# ================================================================= +# Stage 3: Get MinIO client +# ================================================================= FROM minio/mc:${MINIO_VERSION} AS minio-client +# ================================================================= +# Final Stage: Production image +# ================================================================= FROM serversideup/php:${SERVERSIDEUP_PHP_VERSION} ARG TARGETPLATFORM @@ -37,10 +47,12 @@ WORKDIR /var/www/html USER root +# Install PostgreSQL repository and keys RUN apk add --no-cache gnupg && \ mkdir -p /usr/share/keyrings && \ curl -fSsL https://www.postgresql.org/media/keys/ACCC4CF8.asc | gpg --dearmor > /usr/share/keyrings/postgresql.gpg +# Install system dependencies RUN apk add --no-cache \ postgresql${POSTGRES_VERSION}-client \ openssh-client \ @@ -49,10 +61,12 @@ RUN apk add --no-cache \ jq \ lsof +# Configure shell aliases RUN echo "alias ll='ls -al'" >> /etc/profile && \ echo "alias a='php artisan'" >> /etc/profile && \ echo "alias logs='tail -f storage/logs/laravel.log'" >> /etc/profile +# Install Cloudflared based on architecture RUN mkdir -p /usr/local/bin && \ if [ "${TARGETPLATFORM}" = "linux/amd64" ]; then \ curl -sSL "https://github.com/cloudflare/cloudflared/releases/download/${CLOUDFLARED_VERSION}/cloudflared-linux-amd64" -o /usr/local/bin/cloudflared; \ @@ -61,15 +75,16 @@ RUN mkdir -p /usr/local/bin && \ fi && \ chmod +x /usr/local/bin/cloudflared - +# Configure PHP RUN echo 'upload_max_filesize=256M' > /usr/local/etc/php/conf.d/upload-limits.ini && \ echo 'post_max_size=256M' >> /usr/local/etc/php/conf.d/upload-limits.ini ENV PHP_OPCACHE_ENABLE=1 - +# Copy application files from previous stages COPY --from=base --chown=www-data:www-data /var/www/html/vendor ./vendor COPY --from=static-assets --chown=www-data:www-data /app/public/build ./public/build +# Copy application source code COPY --chown=www-data:www-data composer.json composer.lock ./ COPY --chown=www-data:www-data app ./app COPY --chown=www-data:www-data bootstrap ./bootstrap @@ -82,6 +97,7 @@ COPY --chown=www-data:www-data storage ./storage COPY --chown=www-data:www-data templates ./templates COPY --chown=www-data:www-data artisan artisan +# Configure Nginx and S6 overlay COPY docker/prod/nginx.conf /etc/nginx/conf.d/custom.conf COPY --chmod=755 docker/prod/etc/s6-overlay/ /etc/s6-overlay/ @@ -89,11 +105,14 @@ RUN mkdir -p /etc/nginx/conf.d && \ chown -R www-data:www-data /etc/nginx && \ chmod -R 755 /etc/nginx +# Install MinIO client COPY --from=minio-client /usr/bin/mc /usr/bin/mc RUN chmod +x /usr/bin/mc +# Switch to non-root user USER www-data +# Optimize Laravel application RUN composer dump-autoload && \ php artisan route:clear && \ php artisan view:clear && \