# ============================================ # Base stage - shared configuration # ============================================ FROM oven/bun:latest AS base WORKDIR /app # Install system dependencies with cleanup in same layer RUN apt-get update && \ apt-get install -y --no-install-recommends git && \ rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* # ============================================ # Dependencies stage - installs all deps # ============================================ FROM base AS deps # Copy only package files first (better layer caching) COPY package.json bun.lock ./ COPY panel/package.json panel/ # Install dependencies RUN bun install --frozen-lockfile # ============================================ # Development stage - for local dev with volume mounts # ============================================ FROM base AS development # Copy dependencies from deps stage COPY --from=deps /app/node_modules ./node_modules # Expose ports EXPOSE 3000 # Default command CMD ["bun", "run", "dev"] # ============================================ # Builder stage - copies source for production # ============================================ FROM base AS builder # Copy dependencies from deps stage COPY --from=deps /app/node_modules ./node_modules # Copy source code COPY . . # Build admin panel RUN cd panel && bun run build # ============================================ # Production stage - minimal runtime image # ============================================ FROM oven/bun:latest AS production WORKDIR /app # Copy only what's needed for production COPY --from=builder --chown=bun:bun /app/node_modules ./node_modules COPY --from=builder --chown=bun:bun /app/web/src ./web/src COPY --from=builder --chown=bun:bun /app/bot ./bot COPY --from=builder --chown=bun:bun /app/shared ./shared COPY --from=builder --chown=bun:bun /app/panel/dist ./panel/dist COPY --from=builder --chown=bun:bun /app/package.json . COPY --from=builder --chown=bun:bun /app/drizzle.config.ts . COPY --from=builder --chown=bun:bun /app/tsconfig.json . # Switch to non-root user USER bun # Expose web dashboard port EXPOSE 3000 # Health check HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \ CMD bun -e "fetch('http://localhost:3000/api/health').then(r => r.ok ? process.exit(0) : process.exit(1)).catch(() => process.exit(1))" # Run in production mode CMD ["bun", "run", "bot/index.ts"]