# ============================================ # OSINT Platform - Multi-stage Dockerfile # Optimized for Coolify deployment # ============================================ # Stage 1: Build frontend FROM node:20-alpine AS frontend-builder WORKDIR /app/frontend # Copy frontend package files COPY frontend/package*.json ./ # Install dependencies RUN npm ci --legacy-peer-deps # Copy frontend source COPY frontend/ ./ # Build frontend RUN npm run build # ============================================ # Stage 2: Build backend FROM node:20-alpine AS backend-builder WORKDIR /app/backend # Copy backend package files COPY backend/package*.json ./ # Install dependencies (including dev deps for build) RUN npm ci # Copy backend source COPY backend/ ./ # Build TypeScript RUN npm run build # ============================================ # Stage 3: Production runtime FROM node:20-slim AS production # Install Playwright dependencies # This includes all browser deps for Chromium RUN apt-get update && apt-get install -y --no-install-recommends \ # Playwright/Chromium dependencies libnss3 \ libnspr4 \ libatk1.0-0 \ libatk-bridge2.0-0 \ libcups2 \ libdrm2 \ libdbus-1-3 \ libxkbcommon0 \ libxcomposite1 \ libxdamage1 \ libxfixes3 \ libxrandr2 \ libgbm1 \ libasound2 \ libpango-1.0-0 \ libcairo2 \ libatspi2.0-0 \ # Additional utilities wget \ ca-certificates \ fonts-liberation \ # Clean up && rm -rf /var/lib/apt/lists/* \ && apt-get clean # Create non-root user for security RUN groupadd -r osint && useradd -r -g osint osint WORKDIR /app # Copy backend production files COPY --from=backend-builder /app/backend/dist ./dist COPY --from=backend-builder /app/backend/package*.json ./ # Install production dependencies only RUN npm ci --only=production --legacy-peer-deps # Install Playwright browsers (Chromium only for smaller image) RUN npx playwright install chromium # Copy frontend build COPY --from=frontend-builder /app/frontend/dist ./frontend/dist # Create logs directory with proper permissions RUN mkdir -p /app/logs && \ chown -R osint:osint /app # Environment variables ENV NODE_ENV=production ENV PORT=3001 # Expose port EXPOSE 3001 # Health check HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \ CMD wget --no-verbose --tries=1 --spider http://localhost:3001/api/health || exit 1 # Switch to non-root user USER osint # Start the application CMD ["node", "dist/index.js"]