FROM almalinux/9-base ARG NODEVER=20 # Install repos, update, install only needed packages, clean up in one layer RUN dnf install -y \ https://dl.fedoraproject.org/pub/epel/epel-release-latest-9.noarch.rpm && \ dnf update -y && \ dnf install -y wget procps cronie iproute nginx openssl git microdnf make gcc gcc-c++ && \ yum groupinstall 'Development Tools' && \ dnf clean all && \ rm -rf /var/cache/dnf /usr/share/doc /usr/share/man /usr/share/locale/* \ /var/cache/yum /tmp/* /var/tmp/* # Copy scripts into the image and set permissions COPY ./scripts/ /scripts/ RUN chmod +x /scripts/* # Generate self-signed cert, create needed dirs, install Node.js, clean up RUN openssl req -newkey rsa:2048 -nodes -keyout /etc/pki/tls/private/localhost.key -x509 -days 3650 -subj "/CN=localhost" -out /etc/pki/tls/certs/localhost.crt && \ mkdir -p /var/log/nodejs && \ /scripts/install-node$NODEVER.sh && \ rm -rf /tmp/* # Install PM2 globally for process management with minimal footprint RUN npm install -g pm2@latest --production && \ npm cache clean --force && \ rm -rf /tmp/* # Copy nginx config COPY ./configs/nginx.conf /etc/nginx/nginx.conf # Copy examples directory for default app fallback COPY ./examples/ /examples/ # Set up cron job for log rotation RUN echo "15 */12 * * * root /scripts/log-rotate.sh" >> /etc/crontab HEALTHCHECK --interval=30s --timeout=5s --start-period=60s --retries=3 \ CMD wget --spider -q http://localhost:3000/ping || exit 1 ENTRYPOINT [ "/scripts/entrypoint.sh" ]