67 lines
2.4 KiB
Docker
67 lines
2.4 KiB
Docker
# Multi-stage Dockerfile for Media API (Fastify)
|
|
# Uses Drizzle ORM for media tables + Prisma for user auth
|
|
|
|
FROM node:20-alpine AS base
|
|
WORKDIR /app
|
|
|
|
# Install ffmpeg for video metadata, vips-dev for sharp HEIC support, yt-dlp for video fetching
|
|
RUN apk add --no-cache ffmpeg vips-dev python3 py3-pip && pip3 install --break-system-packages yt-dlp
|
|
|
|
# Install dependencies
|
|
# Two-step: skip scripts to avoid sharp source build, then install prebuilt musl binary
|
|
COPY package*.json ./
|
|
RUN npm ci --omit=dev --ignore-scripts && \
|
|
npm install --no-save @img/sharp-linuxmusl-x64
|
|
|
|
# Copy Prisma schema and generate client (needed for auth middleware)
|
|
COPY prisma ./prisma
|
|
RUN npx prisma generate
|
|
|
|
# Copy source code
|
|
COPY src ./src
|
|
COPY drizzle ./drizzle
|
|
COPY drizzle.config.ts ./
|
|
COPY tsconfig.json ./
|
|
|
|
# Development stage with hot reload
|
|
FROM base AS development
|
|
# su-exec for dropping privileges after fixing mounted volume permissions
|
|
RUN apk add --no-cache su-exec
|
|
RUN npm install tsx --save-dev
|
|
COPY media-docker-entrypoint.sh /usr/local/bin/
|
|
RUN chmod +x /usr/local/bin/media-docker-entrypoint.sh
|
|
ENTRYPOINT ["media-docker-entrypoint.sh"]
|
|
CMD ["npx", "tsx", "watch", "src/media-server.ts"]
|
|
|
|
# Build stage
|
|
FROM base AS build
|
|
RUN npm install typescript --save-dev
|
|
RUN npm run build
|
|
|
|
# Production stage
|
|
FROM node:20-alpine AS production
|
|
WORKDIR /app
|
|
|
|
# Install ffmpeg for video metadata, vips-dev for sharp HEIC support, yt-dlp for video fetching.
|
|
# su-exec lets the entrypoint drop privileges after fixing mounted volume permissions.
|
|
RUN apk add --no-cache ffmpeg vips-dev python3 py3-pip su-exec && pip3 install --break-system-packages yt-dlp
|
|
|
|
# Copy manifests and install production-only deps (no devDeps like typescript)
|
|
COPY --from=build /app/package*.json ./
|
|
RUN npm ci --omit=dev --ignore-scripts && \
|
|
npm install --no-save @img/sharp-linuxmusl-x64
|
|
|
|
# Copy built output and schema
|
|
COPY --from=build /app/dist ./dist
|
|
COPY --from=build /app/prisma ./prisma
|
|
RUN npx prisma generate
|
|
|
|
# Entrypoint chowns mounted /media subdirs (root-owned on fresh deploys) then
|
|
# drops to node via su-exec. Note: USER node is intentionally NOT set here —
|
|
# the entrypoint must start as root to repair host bind-mount permissions.
|
|
COPY media-docker-entrypoint.sh /usr/local/bin/
|
|
RUN chmod +x /usr/local/bin/media-docker-entrypoint.sh
|
|
|
|
ENTRYPOINT ["media-docker-entrypoint.sh"]
|
|
CMD ["node", "dist/media-server.js"]
|