groombook/app
Archived
13
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Docker self-hosting setup with migration service and auth bypass

Browse Source 
- Fix Dockerfiles to copy pnpm-lock.yaml (frozen-lockfile compliance)
- Add migrate target to API Dockerfile using builder stage
- Add migrate service to docker-compose that runs before API starts
- Add AUTH_DISABLED env var bypass to auth middleware for dev/Docker
- Proxy /api/ from nginx to API container (no CORS needed)
- Include initial Drizzle migration (0000_colossal_colossus.sql)
- Add .env.example with all configurable variables
- Update README with Docker self-hosting instructions

Closes #7

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Groom Book CTO
2026-03-17 18:18:46 +00:00
parent 4f92b8bffb
commit 1098120bf3
10 changed files with 666 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/api/Dockerfile
+6 -2
View File
@@ -4,7 +4,7 @@ WORKDIR /app
# Install deps
FROM base AS deps
COPY package.json pnpm-workspace.yaml ./
COPY package.json pnpm-workspace.yaml pnpm-lock.yaml ./
COPY apps/api/package.json apps/api/
COPY packages/db/package.json packages/db/
COPY packages/types/package.json packages/types/
@@ -22,7 +22,7 @@ RUN corepack enable && corepack prepare pnpm@9.15.4 --activate
WORKDIR /app
ENV NODE_ENV=production
COPY package.json pnpm-workspace.yaml ./
COPY package.json pnpm-workspace.yaml pnpm-lock.yaml ./
COPY apps/api/package.json apps/api/
COPY packages/db/package.json packages/db/
COPY packages/types/package.json packages/types/
@@ -34,3 +34,7 @@ COPY --from=builder /app/packages/types packages/types
EXPOSE 3000
CMD ["node", "apps/api/dist/index.js"]
# Migrate stage — runs drizzle-kit migrate against the database
FROM builder AS migrate
CMD ["pnpm", "db:migrate"]
apps/api/src/middleware/auth.ts
+6
View File
@@ -24,6 +24,12 @@ export interface JwtPayload {
}
export const authMiddleware: MiddlewareHandler = async (c, next) => {
if (process.env.AUTH_DISABLED === "true") {
c.set("jwtPayload", { sub: "dev-user" } as JwtPayload);
await next();
return;
}
const authorization = c.req.header("Authorization");
if (!authorization?.startsWith("Bearer ")) {
return c.json({ error: "Unauthorized" }, 401);