| FROM node:20-slim AS builder | |
| USER root | |
| RUN apt-get update && apt-get install -y git && rm -rf /var/lib/apt/lists/* | |
| WORKDIR /app | |
| RUN git clone https://github.com/CorentinTh/enclosed | |
| WORKDIR /app/enclosed | |
| RUN npm install -g pnpm --ignore-scripts && \ | |
| pnpm install --frozen-lockfile --ignore-scripts | |
| RUN pnpm --filter @enclosed/crypto run build && \ | |
| pnpm --filter @enclosed/lib run build && \ | |
| pnpm --filter @enclosed/app-client run build && \ | |
| pnpm --filter @enclosed/app-server run build:node | |
| FROM node:20-slim | |
| RUN apt-get update && apt-get install -y \ | |
| git \ | |
| git-lfs \ | |
| bash \ | |
| curl \ | |
| wget \ | |
| procps && rm -rf /var/lib/apt/lists/* | |
| WORKDIR /app | |
| RUN chown -R 1000 /app | |
| COPY --chown=1000 sync-notes.js ./ | |
| COPY --chown=1000 ecosystem.config.js ./ | |
| RUN npm install -g pm2 && \ | |
| npm install node-cron | |
| COPY --from=builder /app/enclosed/packages/app-client/dist ./public | |
| COPY --from=builder /app/enclosed/packages/app-server/dist-node/index.cjs ./index.cjs | |
| RUN --mount=type=secret,id=DATA_REPO,mode=0444,required=true \ | |
| git clone $(cat /run/secrets/DATA_REPO) ./.data | |
| WORKDIR /app/.data | |
| RUN --mount=type=secret,id=GIT_USERNAME,mode=0444,required=true \ | |
| git config user.name $(cat /run/secrets/GIT_USERNAME) | |
| RUN --mount=type=secret,id=GIT_EMAIL,mode=0444,required=true \ | |
| git config user.email $(cat /run/secrets/GIT_EMAIL) | |
| WORKDIR /app | |
| RUN chown -R 1000 /app/.data | |
| RUN chmod 777 /app/.data | |
| USER 1000 | |
| EXPOSE 8787 | |
| CMD ["/bin/sh", "-c", "cd .data; git pull; cd ..; pm2-runtime ecosystem.config.js"] |