diff --git a/Dockerfile b/Dockerfile
index ab7a1d9e..2f3f6cc9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,50 +1,63 @@
-# Stage 1: Dependency Fetching
-FROM node:20-alpine AS deps
-WORKDIR /app
-RUN npm i -g pnpm
-COPY package.json pnpm-lock.yaml ./
-RUN pnpm fetch
+# Stage 1: Base image with Node.js and pnpm enabled
+# This stage is used as a foundation for all subsequent stages.
+FROM node:20-alpine AS base
+ENV PNPM_HOME="/pnpm"
+ENV PATH="$PNPM_HOME:$PATH"
+RUN corepack enable
 # Stage 2: Builder
-FROM node:20-alpine AS builder
+# This stage installs dependencies and builds the Next.js application.
+FROM base AS builder
 WORKDIR /app
-RUN npm i -g pnpm
-# Install system dependencies
-RUN apk add --no-cache imagemagick ghostscript
+# Install system dependencies needed for your scripts/build
+RUN apk add --no-cache imagemagick libwebp libwebp-tools ghostscript
-
-# Copy the dependency manifests and then run install.
-RUN echo "PNPM store path is:" && pnpm store path
-COPY --from=deps /root/.local/share/pnpm/store/v10 /root/.local/share/pnpm/store/v10
+# Copy only the necessary files for installing dependencies
 COPY package.json pnpm-lock.yaml ./
-RUN pnpm install --frozen-lockfile --offline
-# Copy the rest
+# Install ALL dependencies (including devDependencies needed for `next build`)
+# This leverages the Docker cache effectively.
+RUN pnpm install --frozen-lockfile
+
+# Copy the rest of your application source code
 COPY . .
-# --- Asset Generation Step ---
+# --- Asset Generation & Build ---
 RUN chmod +x ./scripts/*.sh && ./scripts/first_page_image.sh
-
-# Run the build.
 RUN pnpm build
-# Stage 3: Runner
-FROM node:20-alpine AS runner
+# Stage 3: Runner (Production)
+# This is the final, lean image that runs the application.
+FROM base AS runner
 WORKDIR /app
-# Create a non-root user for better security
+# Set NODE_ENV to production
+ENV NODE_ENV=production
+
+# Create a non-root user for security
 RUN addgroup --system --gid 1001 nodejs
 RUN adduser --system --uid 1001 nextjs
-USER nextjs
-# Copy only the necessary production artifacts from the builder stage
+# Copy only the files needed for production from the builder stage
+COPY --from=builder /app/package.json /app/pnpm-lock.yaml ./
+
+# Install ONLY production dependencies.
+# The pnpm CLI is already available from the 'base' stage.
+RUN pnpm install --prod
+
+# Copy the built Next.js application and public assets
 COPY --from=builder /app/public ./public
-COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
-COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
+COPY --from=builder /app/.next ./.next
+
+# Change ownership to the non-root user
+RUN chown -R nextjs:nodejs /app
+
+# Switch to the non-root user
+USER nextjs
 EXPOSE 3000
 ENV PORT=3000
-# The standalone output creates a server.js file that is the entrypoint
-CMD ["node", "server.js"]
\ No newline at end of file
+# The command to start the Next.js server
+CMD ["pnpm", "start"]
\ No newline at end of file
diff --git a/app/robots.ts b/app/robots.ts
new file mode 100644
index 00000000..05b49391
--- /dev/null
+++ b/app/robots.ts
@@ -0,0 +1,12 @@
+import { MetadataRoute } from 'next'
+
+export default function robots(): MetadataRoute.Robots {
+ return {
+ rules: {
+ userAgent: '*',
+ allow: '/',
+ disallow: '/*.pdf$',
+ },
+ sitemap: 'https://steffenillium.de/sitemap.xml',
+ }
+}
\ No newline at end of file
diff --git a/package.json b/package.json
index d6ee6768..325d65df 100644
--- a/package.json
+++ b/package.json
@@ -52,5 +52,13 @@
 "tailwindcss": "^4.1.13",
 "tw-animate-css": "^1.3.8",
 "typescript": "^5.9.2"
+ },
+ "pnpm": {
+ "trustedDependencies": [
+ "@tailwindcss/oxide",
+ "esbuild",
+ "sharp",
+ "unrs-resolver"
+ ]
 }
 }
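Review bot: `RUN chown -R nextjs:nodejs /app` in the Dockerfile's runner stage makes everything under /app, including `node_modules` and the built `.next` output, writable by the account the server runs as, and it rewrites those files into an extra layer. Keeping the tree root-owned and granting write access only where the server needs it, for example `RUN mkdir -p .next/cache && chown nextjs:nodejs .next/cache`, leaves the application code read-only to the running process. The runner's `RUN pnpm install --prod` should also carry `--frozen-lockfile` like the builder stage, so the shipped dependency set cannot drift from `pnpm-lock.yaml`. `RUN corepack enable` pins no pnpm version in this file, so which pnpm release is downloaded depends on a `packageManager` field that is not visible here, and `CMD ["pnpm", "start"]` may fetch it again at start-up as `nextjs` because the earlier installs ran as root.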
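Review bot: The `disallow: '/*.pdf$'` rule in `robots()` (app/robots.ts) only asks compliant crawlers not to fetch PDFs; it does not keep them out of search results when they are linked from elsewhere, and it is not an access control. If the aim is to de-index the PDFs, serving them with an `X-Robots-Tag: noindex` response header is the mechanism search engines honour, and the crawler must then be allowed to fetch the file to see that header. The `*` and `$` patterns are an extension that not every crawler implements, so a short comment above the rule such as `// Advisory only; PDFs stay publicly reachable` would record the intent.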
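Review bot: The new `"pnpm": { "trustedDependencies": [...] }` block in package.json uses a key that, as far as I know, pnpm does not read; pnpm's allow-list for dependency build scripts is `pnpm.onlyBuiltDependencies`, while `trustedDependencies` is the top-level field Bun uses. If that is right, the block has no effect and the install scripts of `@tailwindcss/oxide`, `esbuild`, `sharp` and `unrs-resolver` stay blocked, assuming pnpm 10 as the `store/v10` path in the removed Dockerfile lines suggests. Since this list decides which packages may execute code at install time, it is worth confirming in the build log that scripts ran for exactly these four packages and no others.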