FROM node:lts AS builder WORKDIR /app # Install pnpm RUN npm i -g pnpm # Copy package files COPY package.json pnpm-lock.yaml ./ # Install dependencies RUN pnpm install # Copy source code COPY . . # Build the application RUN pnpm run build FROM node:lts AS runtime WORKDIR /app # Install pnpm RUN npm i -g pnpm # Install Chrome dependencies RUN apt-get update && apt-get install -y \ wget \ gnupg \ ca-certificates \ fonts-liberation \ libasound2 \ libatk-bridge2.0-0 \ libatk1.0-0 \ libc6 \ libcairo-gobject2 \ libcairo2 \ libcups2 \ libdbus-1-3 \ libexpat1 \ libfontconfig1 \ libgbm1 \ libgcc1 \ libglib2.0-0 \ libgtk-3-0 \ libnspr4 \ libnss3 \ libpango-1.0-0 \ libpangocairo-1.0-0 \ libstdc++6 \ libx11-6 \ libx11-xcb1 \ libxcb1 \ libxcomposite1 \ libxcursor1 \ libxdamage1 \ libxext6 \ libxfixes3 \ libxi6 \ libxrandr2 \ libxrender1 \ libxss1 \ libxtst6 \ lsb-release \ xdg-utils \ && rm -rf /var/lib/apt/lists/* # Install Chrome RUN wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - \ && echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list \ && apt-get update \ && apt-get install -y google-chrome-stable \ && rm -rf /var/lib/apt/lists/* # Copy built application COPY --from=builder /app/dist ./dist COPY package.json pnpm-lock.yaml ./ # Install production dependencies RUN pnpm install --prod # Create a non-root user for security RUN groupadd -r pptruser && useradd -r -g pptruser -G audio,video pptruser \ && mkdir -p /home/pptruser/Downloads \ && chown -R pptruser:pptruser /home/pptruser \ && chown -R pptruser:pptruser /app # Set environment variables ENV HOST=0.0.0.0 ENV PORT=4321 ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true ENV PUPPETEER_EXECUTABLE_PATH=/usr/bin/google-chrome-stable # Expose port EXPOSE 4321 # Switch to non-root user USER pptruser # Start the application CMD ["node", "./dist/server/entry.mjs"]