techblog/Dockerfile

# syntax=docker/dockerfile:1

# Stage 1: Build frontend assets
FROM node:20-alpine AS node-builder
WORKDIR /app
COPY package.json package-lock.json ./
RUN npm ci
COPY . .
RUN npm run build

# Stage 2: Install PHP dependencies
FROM composer:2 AS composer-builder
WORKDIR /app
COPY composer.json composer.lock ./
# Mount auth.json as a secret so it never gets baked into the image
RUN --mount=type=secret,id=composer_auth \
    test -s /run/secrets/composer_auth || (echo "ERROR: composer_auth secret is missing or empty" && exit 1) && \
    COMPOSER_AUTH=$(cat /run/secrets/composer_auth) \
    composer install \
    --no-dev \
    --no-interaction \
    --no-plugins \
    --no-scripts \
    --prefer-dist \
    --optimize-autoloader
COPY . .
# Run post-install scripts now that source is present
RUN composer run-script post-autoload-dump 2>/dev/null || true

# Stage 3: Production image
FROM php:8.2-fpm-alpine

# Install system dependencies and PHP extensions
RUN apk add --no-cache \
    nginx \
    supervisor \
    curl \
    libpng-dev \
    libjpeg-turbo-dev \
    libwebp-dev \
    freetype-dev \
    libzip-dev \
    icu-dev \
    oniguruma-dev \
    && docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp \
    && docker-php-ext-install -j$(nproc) \
        pdo_mysql \
        pdo_sqlite \
        mbstring \
        exif \
        pcntl \
        bcmath \
        gd \
        zip \
        intl \
        opcache

WORKDIR /var/www/html

# Copy application files
COPY --from=composer-builder /app /var/www/html
COPY --from=node-builder /app/public/build /var/www/html/public/build

# Copy Docker config files
COPY docker/nginx.conf /etc/nginx/nginx.conf
COPY docker/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
COPY docker/php.ini /usr/local/etc/php/conf.d/app.ini

# Set up storage and cache directories
RUN mkdir -p \
    storage/framework/sessions \
    storage/framework/views \
    storage/framework/cache/data \
    storage/logs \
    bootstrap/cache \
    && chown -R www-data:www-data /var/www/html \
    && chmod -R 755 /var/www/html \
    && chmod -R 775 storage bootstrap/cache

# Remove any accidentally included .env files
RUN rm -f .env .env.* 2>/dev/null || true

EXPOSE 80

CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]
Updating actions file 2026-03-31 04:06:02 +00:00			`# syntax=docker/dockerfile:1`

Forgejo Actions Script 2026-03-31 02:54:47 +00:00			`# Stage 1: Build frontend assets`
			`FROM node:20-alpine AS node-builder`
			`WORKDIR /app`
			`COPY package.json package-lock.json ./`
			`RUN npm ci`
			`COPY . .`
			`RUN npm run build`

			`# Stage 2: Install PHP dependencies`
			`FROM composer:2 AS composer-builder`
			`WORKDIR /app`
			`COPY composer.json composer.lock ./`
Updating actions file 2026-03-31 04:06:02 +00:00			`# Mount auth.json as a secret so it never gets baked into the image`
Use COmposer_auth env var for secret 2026-03-31 04:16:01 +00:00			`RUN --mount=type=secret,id=composer_auth \`
			`test -s /run/secrets/composer_auth \|\| (echo "ERROR: composer_auth secret is missing or empty" && exit 1) && \`
			`COMPOSER_AUTH=$(cat /run/secrets/composer_auth) \`
Updating actions file 2026-03-31 04:06:02 +00:00			`composer install \`
Forgejo Actions Script 2026-03-31 02:54:47 +00:00			`--no-dev \`
			`--no-interaction \`
			`--no-plugins \`
			`--no-scripts \`
			`--prefer-dist \`
			`--optimize-autoloader`
			`COPY . .`
			`# Run post-install scripts now that source is present`
			`RUN composer run-script post-autoload-dump 2>/dev/null \|\| true`

			`# Stage 3: Production image`
			`FROM php:8.2-fpm-alpine`

			`# Install system dependencies and PHP extensions`
			`RUN apk add --no-cache \`
			`nginx \`
			`supervisor \`
			`curl \`
			`libpng-dev \`
			`libjpeg-turbo-dev \`
			`libwebp-dev \`
			`freetype-dev \`
			`libzip-dev \`
			`icu-dev \`
			`oniguruma-dev \`
			`&& docker-php-ext-configure gd --with-freetype --with-jpeg --with-webp \`
			`&& docker-php-ext-install -j$(nproc) \`
			`pdo_mysql \`
			`pdo_sqlite \`
			`mbstring \`
			`exif \`
			`pcntl \`
			`bcmath \`
			`gd \`
			`zip \`
			`intl \`
			`opcache`

			`WORKDIR /var/www/html`

			`# Copy application files`
			`COPY --from=composer-builder /app /var/www/html`
			`COPY --from=node-builder /app/public/build /var/www/html/public/build`

			`# Copy Docker config files`
			`COPY docker/nginx.conf /etc/nginx/nginx.conf`
			`COPY docker/supervisord.conf /etc/supervisor/conf.d/supervisord.conf`
			`COPY docker/php.ini /usr/local/etc/php/conf.d/app.ini`

			`# Set up storage and cache directories`
			`RUN mkdir -p \`
			`storage/framework/sessions \`
			`storage/framework/views \`
			`storage/framework/cache/data \`
			`storage/logs \`
			`bootstrap/cache \`
			`&& chown -R www-data:www-data /var/www/html \`
			`&& chmod -R 755 /var/www/html \`
			`&& chmod -R 775 storage bootstrap/cache`

			`# Remove any accidentally included .env files`
			`RUN rm -f .env .env.* 2>/dev/null \|\| true`

			`EXPOSE 80`

			`CMD ["/usr/bin/supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]`