Robots, pnpm, approve builds

Dockerfile

@@ -1,50 +1,63 @@
-# Stage 1: Dependency Fetching
-FROM node:20-alpine AS deps
-WORKDIR /app
-RUN npm i -g pnpm
-COPY package.json pnpm-lock.yaml ./
-RUN pnpm fetch
+# Stage 1: Base image with Node.js and pnpm enabled
+# This stage is used as a foundation for all subsequent stages.
+FROM node:20-alpine AS base
+ENV PNPM_HOME="/pnpm"
+ENV PATH="$PNPM_HOME:$PATH"
+RUN corepack enable
 
 # Stage 2: Builder
-FROM node:20-alpine AS builder
+# This stage installs dependencies and builds the Next.js application.
+FROM base AS builder
 WORKDIR /app
-RUN npm i -g pnpm
 
-# Install system dependencies
-RUN apk add --no-cache imagemagick ghostscript
+# Install system dependencies needed for your scripts/build
+RUN apk add --no-cache imagemagick libwebp libwebp-tools ghostscript
 
-
-# Copy the dependency manifests and then run install.
-RUN echo "PNPM store path is:" && pnpm store path
-COPY --from=deps /root/.local/share/pnpm/store/v10 /root/.local/share/pnpm/store/v10
+# Copy only the necessary files for installing dependencies
 COPY package.json pnpm-lock.yaml ./
-RUN pnpm install --frozen-lockfile --offline
 
-# Copy the rest
+# Install ALL dependencies (including devDependencies needed for `next build`)
+# This leverages the Docker cache effectively.
+RUN pnpm install --frozen-lockfile
+
+# Copy the rest of your application source code
 COPY . .
 
-# --- Asset Generation Step ---
+# --- Asset Generation & Build ---
 RUN chmod +x ./scripts/*.sh && ./scripts/first_page_image.sh
-
-# Run the build.
 RUN pnpm build
 
-# Stage 3: Runner
-FROM node:20-alpine AS runner
+# Stage 3: Runner (Production)
+# This is the final, lean image that runs the application.
+FROM base AS runner
 WORKDIR /app
 
-# Create a non-root user for better security
+# Set NODE_ENV to production
+ENV NODE_ENV=production
+
+# Create a non-root user for security
 RUN addgroup --system --gid 1001 nodejs
 RUN adduser --system --uid 1001 nextjs
-USER nextjs
 
-# Copy only the necessary production artifacts from the builder stage
+# Copy only the files needed for production from the builder stage
+COPY --from=builder /app/package.json /app/pnpm-lock.yaml ./
+
+# Install ONLY production dependencies.
+# The pnpm CLI is already available from the 'base' stage.
+RUN pnpm install --prod
+
+# Copy the built Next.js application and public assets
 COPY --from=builder /app/public ./public
-COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
-COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
+COPY --from=builder /app/.next ./.next
+
+# Change ownership to the non-root user
+RUN chown -R nextjs:nodejs /app
+
+# Switch to the non-root user
+USER nextjs
 
 EXPOSE 3000
 ENV PORT=3000
 
-# The standalone output creates a server.js file that is the entrypoint
-CMD ["node", "server.js"]
+# The command to start the Next.js server
+CMD ["pnpm", "start"]

app/robots.ts

@@ -0,0 +1,12 @@
+import { MetadataRoute } from 'next'
+
+export default function robots(): MetadataRoute.Robots {
+  return {
+    rules: {
+      userAgent: '*',
+      allow: '/',
+      disallow: '/*.pdf$',
+    },
+    sitemap: 'https://steffenillium.de/sitemap.xml',
+  }
+}

package.json

@@ -52,5 +52,13 @@
     "tailwindcss": "^4.1.13",
     "tw-animate-css": "^1.3.8",
     "typescript": "^5.9.2"
+  },
+  "pnpm": {
+    "trustedDependencies": [
+      "@tailwindcss/oxide",
+      "esbuild",
+      "sharp",
+      "unrs-resolver"
+    ]
   }
 }