build: add Containerfile for multi-stage container image

Three stages: node:24-alpine builds the Svelte SPA, golang:1.26-alpine compiles the Go binary with embedded assets (-tags production), and alpine:3.21 is the minimal runtime. Runs as unprivileged user (uid 1000). DB_PATH defaults to /data/wotra.db so a volume mount at /data provides persistent storage. podman run -e AUTH_TOKEN=secret -p 8080:8080 -v wotra-data:/data wotra
2026-05-01 22:05:29 +02:00
parent a372c17860
commit fe5603e206
1 changed files with 38 additions and 0 deletions
--- a/38
+++ b/38
@@ -0,0 +1,38 @@
+# ── Stage 1: build Svelte frontend ──────────────────────────────────────────
+FROM node:24-alpine AS web-builder
+
+WORKDIR /app/web
+COPY web/package*.json ./
+RUN npm ci --legacy-peer-deps
+COPY web/ ./
+RUN npm run build
+
+# ── Stage 2: build Go binary ─────────────────────────────────────────────────
+FROM golang:1.26-alpine AS go-builder
+
+WORKDIR /app
+COPY go.mod go.sum ./
+RUN go mod download
+
+COPY . .
+COPY --from=web-builder /app/web/build ./web/build
+
+RUN go build -tags production -o wotra ./cmd/wotra
+
+# ── Stage 3: minimal runtime image ───────────────────────────────────────────
+FROM alpine:3.21
+
+RUN adduser -D -u 1000 wotra
+
+WORKDIR /data
+USER wotra
+
+COPY --from=go-builder /app/wotra /usr/local/bin/wotra
+
+EXPOSE 8080
+
+ENV PORT=8080 \
+    DB_PATH=/data/wotra.db \
+    TZ=UTC
+
+ENTRYPOINT ["/usr/local/bin/wotra"]