8a7ffe673d
- Multi-stage Dockerfiles for web/api/generator (pnpm workspace install, tsx runtime — workspace packages are raw TS, same model as runner-template). - docker-compose.prod.yml: postgres + redis + the three app services. api/generator/web use host networking so the generator's host-port probe is correct and every service shares one address space; api + generator mount the Docker socket. Binds nothing on 80/443 — safe beside other apps. - Optional Traefik reverse proxy in infra/traefik/ (heavily gated — only if the box has no existing proxy). - .env.production.example, .dockerignore, DEPLOY.md (Cloudflare zone, GoDaddy nameserver switch, server deploy, Google Cloud Console OAuth app). - api/generator `start` now runs via tsx; `node dist/index.js` could never resolve the raw-TS workspace imports. All three images verified building clean; the API container boots under tsx. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
35 lines
537 B
Plaintext
35 lines
537 B
Plaintext
# Dependencies — reinstalled inside the image
|
|
node_modules
|
|
**/node_modules
|
|
|
|
# Build output / caches
|
|
.next
|
|
**/.next
|
|
dist
|
|
**/dist
|
|
.turbo
|
|
**/.turbo
|
|
*.tsbuildinfo
|
|
**/*.tsbuildinfo
|
|
coverage
|
|
|
|
# Generated MCP build contexts — recreated at runtime in a volume
|
|
build-context
|
|
|
|
# Secrets — never bake into an image (injected via env_file at runtime)
|
|
.env
|
|
.env.*
|
|
!.env.example
|
|
!.env.production.example
|
|
|
|
# OAuth signing keys — persisted in a named volume, not the image
|
|
keys
|
|
|
|
# Local / VCS noise
|
|
.git
|
|
.gitignore
|
|
.DS_Store
|
|
*.log
|
|
.vscode
|
|
.idea
|