FROM almalinux/9-base ARG NODEVER=20 # Install repos, update, install only needed packages, clean up in one layer RUN dnf install -y \ https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm && \ dnf update -y && \ dnf install -y wget procps cronie iproute nginx openssl curl && \ dnf clean all && \ rm -rf /var/cache/dnf /usr/share/doc /usr/share/man /usr/share/locale/* \ /var/cache/yum /tmp/* /var/tmp/* # Copy scripts into the image and set permissions COPY ./scripts/ /scripts/ RUN chmod +x /scripts/* # Generate self-signed cert, create needed dirs, install Node.js, clean up RUN openssl req -newkey rsa:2048 -nodes -keyout /etc/pki/tls/private/localhost.key -x509 -days 3650 -subj "/CN=localhost" -out /etc/pki/tls/certs/localhost.crt && \ mkdir -p /var/log/nodejs && \ /scripts/install-node$NODEVER.sh && \ rm -rf /tmp/* # Install PM2 globally for process management with minimal footprint RUN npm install -g pm2@latest --production && \ npm cache clean --force && \ rm -rf /tmp/* # Copy configs and web files COPY ./configs/nginx.conf /etc/nginx/nginx.conf COPY ./configs/index.js /var/www/html/ COPY ./configs/package.json /var/www/html/ COPY ./configs/ecosystem.config.js /var/www/html/ # Set up cron job for log rotation RUN echo "15 */12 * * * root /scripts/log-rotate.sh" >> /etc/crontab HEALTHCHECK --interval=30s --timeout=5s --start-period=60s --retries=3 \ CMD curl -f http://localhost:3000/ping || exit 1 ENTRYPOINT [ "/scripts/entrypoint.sh" ]