DHI Image and package upgrade

.gitea/workflows/main.yaml

@@ -11,13 +11,22 @@ jobs:
     - name: Checkout
       uses: actions/checkout@v4
 
+    # 1. Login to Local Registry (Push)
     - name: Login to Gitea Package Registry
       uses: docker/login-action@v3
       with:
-        registry: ${{vars.LOCAL_REGISTRY}}
-        username: ${{ VARS.USER }}
+        registry: ${{ vars.LOCAL_REGISTRY }}
+        username: ${{ vars.USER }}
         password: ${{ secrets.TOKEN }}
 
+    # 2. Login to DHI Registry (Pull)
+    - name: Login to DHI Registry
+      uses: docker/login-action@v3
+      with:
+        registry: dhi.io
+        username: ${{ secrets.DHI_USERNAME }}
+        password: ${{ secrets.DHI_PASSWORD }}
+    
     - name: Set up Docker Buildx
       uses: docker/setup-buildx-action@v3
 
@@ -30,6 +39,7 @@ jobs:
         tags: |
             ${{ vars.LOCAL_REGISTRY }}/${{ gitea.repository_owner }}/website:latest
             ${{ vars.LOCAL_REGISTRY }}/${{ gitea.repository_owner }}/website:${{ gitea.sha }}
+            
         # make this work in future releases
         # cache-from: type=registry,ref=${{ vars.LOCAL_REGISTRY }}/${{ gitea.repository_owner }}/website:buildcache
         # cache-to: type=registry,ref=${{ vars.LOCAL_REGISTRY }}/${{ gitea.repository_owner 

Dockerfile

@@ -1,59 +1,45 @@
-# Stage 1: Base image with Node.js and pnpm enabled
-# This stage is used as a foundation for all subsequent stages.
-FROM node:25-alpine AS base
+# --- Stage 1: Base (Development) ---
+FROM dhi.io/node:25-alpine3.23-dev AS base
 ENV PNPM_HOME="/pnpm"
 ENV PATH="$PNPM_HOME:$PATH"
 
-RUN npm i -g corepack --force && corepack prepare pnpm@latest --activate
+# Enable corepack
+RUN corepack enable
 
-# Stage 2: Builder
-# This stage installs dependencies and builds the Next.js application.
+# --- Stage 2: Builder ---
 FROM base AS builder
 WORKDIR /app
 
-# Install system dependencies needed for your scripts/build
+# Install system dependencies
 RUN apk add --no-cache imagemagick libwebp libwebp-tools ghostscript
 
-# Copy only the necessary files for installing dependencies
 COPY package.json pnpm-lock.yaml ./
-# Install ALL dependencies (including devDependencies needed for `next build`)
-# This leverages the Docker cache effectively.
 RUN pnpm install --frozen-lockfile
 
-# Copy the rest of your application source code
 COPY . .
 
-# --- Asset Generation & Build ---
+# Run scripts
 RUN chmod +x ./scripts/*.sh && ./scripts/first_page_image.sh
-# The build command creates the .next/standalone directory
+
+# Build the application
 RUN pnpm build
 
-# Stage 3: Runner (Production)
-FROM base AS runner
+# --- Stage 3: Runner (Production) ---
+FROM dhi.io/node:25-alpine3.23 AS runner
 WORKDIR /app
 
-# Set NODE_ENV to production
 ENV NODE_ENV=production
-
-# Create a non-root user for security
-RUN addgroup --system --gid 1001 nodejs
-RUN adduser --system --uid 1001 nextjs
-
-# Copy the standalone output from the builder
-COPY --from=builder /app/.next/standalone ./
-
-# Copy the public and static assets
-COPY --from=builder /app/public ./public
-COPY --from=builder /app/.next/static ./.next/static
-
-# Change ownership to the non-root user
-RUN chown -R nextjs:nodejs /app
-# Switch to the non-root user
-USER nextjs
-
-EXPOSE 3000
 ENV PORT=3000
 
-# --- FINAL CMD CHANGED ---
-# Directly run the standalone server.
+# Copy standalone output with ownership set to the 'node' user
+COPY --from=builder --chown=node:node /app/.next/standalone ./
+COPY --from=builder --chown=node:node /app/public ./public
+COPY --from=builder --chown=node:node /app/.next/static ./.next/static
+
+# Switch to the non-root user provided by the base image
+USER node
+
+EXPOSE 3000
+
+# Run
 CMD ["node", "server.js"]

package.json

@@ -9,20 +9,15 @@
     "lint": "eslint"
   },
   "dependencies": {
-    "@radix-ui/react-avatar": "^1.1.11",
     "@radix-ui/react-avatar": "^1.1.11",
     "@radix-ui/react-icons": "^1.3.2",
     "@radix-ui/react-navigation-menu": "^1.2.14",
     "@radix-ui/react-separator": "^1.1.8",
     "@radix-ui/react-slot": "^1.2.4",
-    "@radix-ui/react-separator": "^1.1.8",
-    "@radix-ui/react-slot": "^1.2.4",
     "@radix-ui/react-switch": "^1.2.6",
     "@radix-ui/react-tooltip": "^1.2.8",
     "@retorquere/bibtex-parser": "^9.0.26",
     "@tailwindcss/typography": "^0.5.19",
-    "@retorquere/bibtex-parser": "^9.0.26",
-    "@tailwindcss/typography": "^0.5.19",
     "cheerio": "^1.1.2",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",
@@ -30,7 +25,7 @@
     "gray-matter": "^4.0.3",
     "lucide-react": "^0.562.0",
     "mdx-bundler": "^10.1.1",
-    "motion": "^12.23.26",
+    "motion": "^12.25.0",
     "next": "16.1.1",
     "next-themes": "^0.4.6",
     "qrcode": "^1.5.4",
@@ -47,7 +42,7 @@
     "remark-parse": "^11.0.0",
     "remark-rehype": "^11.1.2",
     "rough-notation": "^0.5.1",
-    "shiki": "^3.20.0",
+    "shiki": "^3.21.0",
     "tailwind-merge": "^3.4.0",
     "tailwindcss-animate": "^1.0.7",
     "unified": "^11.0.5"
@@ -56,9 +51,9 @@
     "@eslint/eslintrc": "^3.3.3",
     "@tailwindcss/postcss": "^4.1.18",
     "@types/culori": "^4.0.1",
-    "@types/node": "^25.0.3",
+    "@types/node": "^25.0.6",
     "@types/qrcode": "^1.5.6",
-    "@types/react": "^19.2.7",
+    "@types/react": "^19.2.8",
     "@types/react-dom": "^19.2.3",
     "eslint": "^9.39.2",
     "eslint-config-next": "16.1.1",