-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathDockerfile
More file actions
109 lines (83 loc) · 3.38 KB
/
Dockerfile
File metadata and controls
109 lines (83 loc) · 3.38 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
# =============================================================================
# Stage 1 — Backend builder
# Install Python dependencies into a venv for clean copying
# =============================================================================
FROM python:3.11-slim AS backend-builder
WORKDIR /build
# Install build tools
RUN apt-get update && apt-get install -y --no-install-recommends \
gcc \
&& rm -rf /var/lib/apt/lists/*
# Copy only the packaging files first (layer-cache friendly)
COPY pyproject.toml ./
COPY src/ ./src/
# Create venv and install
RUN python -m venv /opt/venv
ENV PATH="/opt/venv/bin:$PATH"
RUN pip install --upgrade pip && pip install --no-cache-dir .
# =============================================================================
# Stage 2 — Frontend builder
# Build Next.js standalone output
# =============================================================================
FROM node:20-slim AS frontend-builder
WORKDIR /build/frontend
# Install dependencies first (layer-cache friendly)
COPY frontend/package.json frontend/package-lock.json* ./
RUN npm ci
# Copy source and build
COPY frontend/ ./
# NEXT_PUBLIC_API_URL is baked at build time — nginx proxies /api/* on port 8080
ENV NEXT_PUBLIC_API_URL=http://localhost:8080
RUN npm run build
# =============================================================================
# Stage 3 — Production image
# Combines Python venv, Next.js standalone, nginx, supervisord
# =============================================================================
FROM python:3.11-slim AS production
WORKDIR /app
# Install nginx, supervisord, curl (for health check), and Node.js runtime
RUN apt-get update && apt-get install -y --no-install-recommends \
nginx \
supervisor \
curl \
ca-certificates \
&& rm -rf /var/lib/apt/lists/*
# Copy Node.js binary from builder (same Debian base — compatible)
COPY --from=frontend-builder /usr/local/bin/node /usr/local/bin/node
# Copy Python venv
COPY --from=backend-builder /opt/venv /opt/venv
ENV PATH="/opt/venv/bin:$PATH"
# Copy application source
COPY src/ ./src/
COPY config/ ./config/
COPY data/ ./data/
COPY templates/ ./templates/
COPY legal/ ./legal/
COPY schemas/ ./schemas/
COPY scripts/ ./scripts/
# Copy Next.js standalone build
COPY --from=frontend-builder /build/frontend/.next/standalone ./frontend/standalone
COPY --from=frontend-builder /build/frontend/.next/static ./frontend/standalone/.next/static
COPY --from=frontend-builder /build/frontend/public ./frontend/standalone/public
# Install nginx and supervisord config
COPY scripts/docker-nginx.conf /etc/nginx/sites-available/odia
RUN rm -f /etc/nginx/sites-enabled/default && \
ln -s /etc/nginx/sites-available/odia /etc/nginx/sites-enabled/odia
COPY scripts/docker-supervisord.conf /etc/supervisord.conf
# Install entrypoint
COPY scripts/docker-entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh
# Runtime directories
RUN mkdir -p /data/documents /data/reports /app/reports /app/manifests
# Environment
ENV PYTHONPATH="/app/src"
ENV PYTHONUNBUFFERED="1"
# API keys — override at runtime via -e or docker-compose environment
ENV OPENAI_API_KEY=""
ENV ANTHROPIC_API_KEY=""
# Persistent user data (documents, reports)
VOLUME ["/data"]
EXPOSE 8080
HEALTHCHECK --interval=30s --timeout=10s --start-period=15s --retries=3 \
CMD curl -f http://localhost:8080/api/v1/health || exit 1
ENTRYPOINT ["/entrypoint.sh"]