diff --git a/aio/.dockerignore b/aio/.dockerignore new file mode 100644 index 00000000..f3d4db47 --- /dev/null +++ b/aio/.dockerignore @@ -0,0 +1,5 @@ +# Node.js artifacts +**/node_modules +**/dist +**/build +**/.svelte-kit \ No newline at end of file diff --git a/aio/Dockerfile b/aio/Dockerfile index e5607118..19705e55 100644 --- a/aio/Dockerfile +++ b/aio/Dockerfile @@ -1,4 +1,4 @@ -FROM node:22-bullseye-slim AS builder +FROM node:22-bullseye-slim AS frontend-builder LABEL maintainer="Sean Morley" @@ -10,7 +10,35 @@ ENV CI=true COPY frontend/package.json frontend/pnpm-lock.yaml* frontend/ COPY frontend/ frontend/ WORKDIR /app/frontend -RUN pnpm install --frozen-lockfile --reporter=silent && pnpm run build +RUN pnpm install --frozen-lockfile --reporter=silent && pnpm run build \ + && rm -rf node_modules \ + && pnpm install --prod --frozen-lockfile --reporter=silent + +ENV PYTHONDONTWRITEBYTECODE=1 +ENV PYTHONUNBUFFERED=1 +WORKDIR /code +ENV DEBIAN_FRONTEND=noninteractive + +FROM python:3.13-slim AS backend-builder +ENV PYTHONDONTWRITEBYTECODE=1 +ENV PYTHONUNBUFFERED=1 +WORKDIR /code +ENV DEBIAN_FRONTEND=noninteractive +# Install system dependencies needed for build +RUN apt-get update && apt-get install -y --no-install-recommends \ + git \ + postgresql-client \ + gdal-bin \ + libgdal-dev \ +# nginx \ +# memcached \ +# supervisor \ + && apt-get clean && rm -rf /var/lib/apt/lists/* + +# Install Python dependencies +COPY backend/server/requirements.txt /code/ +RUN pip install --upgrade pip \ + && pip install --no-cache-dir -r requirements.txt # --- Final stage: runtime with Python 3.13 --- FROM python:3.13-slim @@ -23,14 +51,13 @@ RUN apt-get update \ && apt-get install -y --no-install-recommends \ ca-certificates \ curl \ - build-essential \ - git \ postgresql-client \ gdal-bin \ libgdal-dev \ nginx \ memcached \ supervisor \ + dos2unix \ && curl -fsSL https://deb.nodesource.com/setup_22.x | bash - \ && apt-get install -y --no-install-recommends nodejs \ && apt-get clean \ @@ -40,17 +67,17 @@ RUN apt-get update \ COPY backend/ /code/backend/ COPY aio/ /code/aio/ -# Copy built frontend from builder -COPY --from=builder /app/frontend /code/frontend +# Copy built frontend from frontend-builder +COPY --from=frontend-builder /app/frontend /code/frontend -# Install Python dependencies -WORKDIR /code/backend/server -RUN pip3 install --upgrade pip \ - && pip3 install --no-cache-dir -r requirements.txt +# Copy Python packages from backend-builder +COPY --from=backend-builder /usr/local/lib/python3.13/site-packages /usr/local/lib/python3.13/site-packages +COPY --from=backend-builder /usr/local/bin /usr/local/bin # Ensure folders and permissions RUN mkdir -p /code/backend/media /code/static /code/media \ - && chmod +x /code/aio/entrypoint.sh || true + && chmod +x /code/aio/entrypoint.sh || true \ + && dos2unix /code/aio/entrypoint.sh || true # Copy nginx and supervisord configs into system locations from build context COPY aio/nginx.conf /etc/nginx/nginx.conf diff --git a/aio/entrypoint.sh b/aio/entrypoint.sh index baa086ea..f0b8a157 100644 --- a/aio/entrypoint.sh +++ b/aio/entrypoint.sh @@ -36,6 +36,15 @@ done # If APP_URL is provided, set PUBLIC_URL, FRONTEND_URL and CSRF_TRUSTED_ORIGINS # only when they are not already set so user can override individually. if [ -n "${APP_URL:-}" ]; then + # Remove :80 or :443 from APP_URL if present + APP_URL_NOPORT=$(echo "$APP_URL" | sed -E 's#(https?://[^:/]+)(:80|:443)?#\1#') + if [ -z "${CSRF_TRUSTED_ORIGINS:-}" ]; then + if [[ "$APP_URL" != "$APP_URL_NOPORT" ]]; then + export CSRF_TRUSTED_ORIGINS="$APP_URL,$APP_URL_NOPORT" + else + export CSRF_TRUSTED_ORIGINS="$APP_URL" + fi + fi export PUBLIC_URL="${PUBLIC_URL:-$APP_URL}" export FRONTEND_URL="${FRONTEND_URL:-$APP_URL}" export CSRF_TRUSTED_ORIGINS="${CSRF_TRUSTED_ORIGINS:-$APP_URL}"