Christian Schindler chrishdx

0 Followers · 0 Following

• Joined on 2024-02-09

Repositories

2

Projects

2

Packages Public Activity Starred Repositories

apex (latest)

Published 2025-12-16 14:44:15 +01:00 by chrishdx

Installation

Pull the image from the command line:

docker pull git.csnetworkx.dev/chrishdx/apex:latest

Digest

sha256:dcd909816d0b4a5ddc934f0c2496fae6beba4a08d5f0e7b8df829a2e873be495

For more information on the Container registry, see the documentation.

Images

Digest	OS / Arch	Size
6ed25179eb	linux/amd64	243 MiB
bb525660a3	linux/arm64	238 MiB

Image Layers ( linux/arm64)

ADD alpine-minirootfs-3.21.3-aarch64.tar.gz / # buildkit

CMD ["/bin/sh"]

ENV NODE_VERSION=18.20.8

RUN /bin/sh -c addgroup -g 1000 node && adduser -u 1000 -G node -s /bin/sh -D node && apk add --no-cache libstdc++ && apk add --no-cache --virtual .build-deps curl && ARCH= OPENSSL_ARCH='linux*' && alpineArch="$(apk --print-arch)" && case "${alpineArch##*-}" in x86_64) ARCH='x64' CHECKSUM="2c75d5d562d3ffc049ca1bbea65b68ae6bd0ec50ed04b1f606e065eaf35e8599" OPENSSL_ARCH=linux-x86_64;; x86) OPENSSL_ARCH=linux-elf;; aarch64) OPENSSL_ARCH=linux-aarch64;; arm*) OPENSSL_ARCH=linux-armv4;; ppc64le) OPENSSL_ARCH=linux-ppc64le;; s390x) OPENSSL_ARCH=linux-s390x;; *) ;; esac && if [ -n "${CHECKSUM}" ]; then set -eu; curl -fsSLO --compressed "https://unofficial-builds.nodejs.org/download/release/v$NODE_VERSION/node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz"; echo "$CHECKSUM node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" | sha256sum -c - && tar -xJf "node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" -C /usr/local --strip-components=1 --no-same-owner && ln -s /usr/local/bin/node /usr/local/bin/nodejs; else echo "Building from source" && apk add --no-cache --virtual .build-deps-full binutils-gold g++ gcc gnupg libgcc linux-headers make python3 py-setuptools && export GNUPGHOME="$(mktemp -d)" && for key in C0D6248439F1D5604AAFFB4021D900FFDB233756 DD792F5973C6DE52C432CBDAC77ABFA00DDBF2B7 CC68F5A3106FF448322E48ED27F5E38D5B0A215F 8FCCA13FEF1D0C2E91008E09770F7A9A5AE15600 890C08DB8579162FEE0DF9DB8BEAB4DFCF555EF4 C82FA3AE1CBEDC6BE46B9360C43CEC45C17AB93C 108F52B48DB57BB0CC439B2997B01419BD92F80A A363A499291CBBC940DD62E41F10027AF002F8B0 ; do gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; done && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/node-v$NODE_VERSION.tar.xz" && curl -fsSLO --compressed "https://nodejs.org/dist/v$NODE_VERSION/SHASUMS256.txt.asc" && gpg --batch --decrypt --output SHASUMS256.txt SHASUMS256.txt.asc && gpgconf --kill all && rm -rf "$GNUPGHOME" && grep " node-v$NODE_VERSION.tar.xz\$" SHASUMS256.txt | sha256sum -c - && tar -xf "node-v$NODE_VERSION.tar.xz" && cd "node-v$NODE_VERSION" && ./configure && make -j$(getconf _NPROCESSORS_ONLN) V= && make install && apk del .build-deps-full && cd .. && rm -Rf "node-v$NODE_VERSION" && rm "node-v$NODE_VERSION.tar.xz" SHASUMS256.txt.asc SHASUMS256.txt; fi && rm -f "node-v$NODE_VERSION-linux-$ARCH-musl.tar.xz" && find /usr/local/include/node/openssl/archs -mindepth 1 -maxdepth 1 ! -name "$OPENSSL_ARCH" -exec rm -rf {} \; && apk del .build-deps && node --version && npm --version # buildkit

ENV YARN_VERSION=1.22.22

RUN /bin/sh -c apk add --no-cache --virtual .build-deps-yarn curl gnupg tar && export GNUPGHOME="$(mktemp -d)" && for key in 6A010C5166006599AA17F08146C2130DFD2497F5 ; do gpg --batch --keyserver hkps://keys.openpgp.org --recv-keys "$key" || gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key" ; done && curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz" && curl -fsSLO --compressed "https://yarnpkg.com/downloads/$YARN_VERSION/yarn-v$YARN_VERSION.tar.gz.asc" && gpg --batch --verify yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz && gpgconf --kill all && rm -rf "$GNUPGHOME" && mkdir -p /opt && tar -xzf yarn-v$YARN_VERSION.tar.gz -C /opt/ && ln -s /opt/yarn-v$YARN_VERSION/bin/yarn /usr/local/bin/yarn && ln -s /opt/yarn-v$YARN_VERSION/bin/yarnpkg /usr/local/bin/yarnpkg && rm yarn-v$YARN_VERSION.tar.gz.asc yarn-v$YARN_VERSION.tar.gz && apk del .build-deps-yarn && yarn --version && rm -rf /tmp/* # buildkit

COPY docker-entrypoint.sh /usr/local/bin/ # buildkit

ENTRYPOINT ["docker-entrypoint.sh"]

CMD ["node"]

ARG NODE_ENV=production

ARG BUILD_VERSION=unknown

ENV NODE_ENV=production

ENV BUILD_VERSION=unknown

ENV TZ=Europe/Berlin

RUN |2 NODE_ENV=production BUILD_VERSION=unknown /bin/sh -c apk add --no-cache nginx supervisor curl tzdata tini su-exec shadow cups-client vips-dev build-base python3 && rm -rf /var/cache/apk/* # buildkit

RUN |2 NODE_ENV=production BUILD_VERSION=unknown /bin/sh -c set -eux; if ! getent group appuser >/dev/null 2>&1; then if getent group 1000 >/dev/null 2>&1; then CURRENT_GROUP="$(getent group 1000 | cut -d: -f1)"; groupmod -n appuser "$CURRENT_GROUP"; else addgroup -g 1000 appuser; fi; fi; if ! id -u appuser >/dev/null 2>&1; then if getent passwd 1000 >/dev/null 2>&1; then CURRENT_USER="$(getent passwd 1000 | cut -d: -f1)"; usermod -l appuser "$CURRENT_USER"; usermod -d /home/appuser -m appuser; usermod -g appuser appuser; else adduser -D -u 1000 -G appuser appuser; fi; fi; mkdir -p /var/www/html && mkdir -p /app/backend/dist && mkdir -p /etc/supervisor.d && mkdir -p /data && mkdir -p /var/log/nginx && mkdir -p /var/lib/nginx && mkdir -p /var/tmp/nginx && mkdir -p /run/nginx # buildkit

COPY /app/frontend/build /var/www/html # buildkit

COPY /app/backend/dist /app/backend/dist # buildkit

COPY /app/backend/node_modules /app/backend/node_modules # buildkit

RUN |2 NODE_ENV=production BUILD_VERSION=unknown /bin/sh -c printf 'worker_processes auto;\nerror_log /var/log/nginx/error.log warn;\npid /run/nginx/nginx.pid;\n\nevents {\n worker_connections 1024;\n use epoll;\n multi_accept on;\n}\n\nhttp {\n include /etc/nginx/mime.types;\n default_type application/octet-stream;\n\n client_body_temp_path /var/tmp/nginx/client_body;\n proxy_temp_path /var/tmp/nginx/proxy;\n fastcgi_temp_path /var/tmp/nginx/fastcgi;\n uwsgi_temp_path /var/tmp/nginx/uwsgi;\n scgi_temp_path /var/tmp/nginx/scgi;\n\n log_format main '\''$remote_addr - $remote_user [$time_local] "$request" '\''\n '\''$status $body_bytes_sent "$http_referer" '\''\n '\''"$http_user_agent" "$http_x_forwarded_for"'\'';\n access_log /var/log/nginx/access.log main;\n\n sendfile on;\n tcp_nopush on;\n tcp_nodelay on;\n keepalive_timeout 65;\n gzip on;\n gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;\n\n add_header X-Frame-Options "SAMEORIGIN" always;\n add_header X-Content-Type-Options "nosniff" always;\n add_header Referrer-Policy "strict-origin-when-cross-origin" always;\n add_header Content-Security-Policy "default-src '\''self'\''; script-src '\''self'\'' '\''unsafe-inline'\''; style-src '\''self'\'' '\''unsafe-inline'\''; img-src '\''self'\'' data: https:; font-src '\''self'\'' data:; connect-src '\''self'\'' https:; frame-ancestors '\''self'\''; base-uri '\''self'\''; form-action '\''self'\'';" always;\n add_header Permissions-Policy "geolocation=(), microphone=(), camera=()" always;\n add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;\n\n client_max_body_size 50M;\n client_body_timeout 60s;\n client_header_timeout 60s;\n client_body_buffer_size 128k;\n large_client_header_buffers 4 16k;\n\n server {\n listen 8080;\n server_name _;\n\n location /health {\n access_log off;\n return 200 "healthy";\n add_header Content-Type text/plain;\n }\n\n location / {\n root /var/www/html;\n index index.html;\n try_files $uri $uri/ /index.html;\n \n location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {\n expires 1y;\n add_header Cache-Control "public, immutable";\n }\n }\n\n location /uploads/ {\n proxy_pass http://127.0.0.1:3001/uploads/;\n proxy_http_version 1.1;\n proxy_set_header Upgrade $http_upgrade;\n proxy_set_header Connection "upgrade";\n proxy_set_header Host $host;\n proxy_set_header X-Real-IP $remote_addr;\n proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n proxy_set_header X-Forwarded-Proto $scheme;\n proxy_set_header X-Forwarded-Host $host;\n proxy_cache_bypass $http_upgrade;\n proxy_connect_timeout 60s;\n proxy_send_timeout 60s;\n proxy_read_timeout 60s;\n proxy_buffer_size 4k;\n proxy_buffers 8 4k;\n proxy_busy_buffers_size 8k;\n }\n\n location /api/ {\n proxy_pass http://127.0.0.1:3001/api/;\n proxy_http_version 1.1;\n proxy_set_header Upgrade $http_upgrade;\n proxy_set_header Connection "upgrade";\n proxy_set_header Host $host;\n proxy_set_header X-Real-IP $remote_addr;\n proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n proxy_set_header X-Forwarded-Proto $scheme;\n proxy_set_header X-Forwarded-Host $host;\n proxy_cache_bypass $http_upgrade;\n \n proxy_connect_timeout 60s;\n proxy_send_timeout 60s;\n proxy_read_timeout 60s;\n \n proxy_buffer_size 4k;\n proxy_buffers 8 4k;\n proxy_busy_buffers_size 8k;\n }\n\n location /ws {\n proxy_pass http://127.0.0.1:3001/ws;\n proxy_http_version 1.1;\n proxy_set_header Upgrade $http_upgrade;\n proxy_set_header Connection "upgrade";\n proxy_set_header Host $host;\n proxy_set_header X-Real-IP $remote_addr;\n proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\n proxy_set_header X-Forwarded-Proto $scheme;\n proxy_set_header X-Forwarded-Host $host;\n proxy_cache_bypass $http_upgrade;\n proxy_connect_timeout 60s;\n proxy_send_timeout 60s;\n proxy_read_timeout 60s;\n }\n }\n}' > /etc/nginx/nginx.conf # buildkit

RUN |2 NODE_ENV=production BUILD_VERSION=unknown /bin/sh -c printf '[supervisord]\npidfile=/tmp/supervisord.pid\nnodaemon=true\nloglevel=info\nlogfile=/dev/stdout\nlogfile_maxbytes=0\nuser=appuser\n\n[program:nginx]\ncommand=/usr/sbin/nginx -g "daemon off;"\nautorestart=true\nstartretries=3\nstdout_logfile=/dev/stdout\nstdout_logfile_maxbytes=0\nstderr_logfile=/dev/stderr\nstderr_logfile_maxbytes=0\npriority=10\nuser=appuser\n\n[program:backend]\ncommand=node /app/backend/dist/index.js\ndirectory=/app/backend\nenvironment=NODE_ENV="production",DATA_DIR="/data",PORT="3001"\nautorestart=true\nstartretries=3\nstdout_logfile=/dev/stdout\nstdout_logfile_maxbytes=0\nstderr_logfile=/dev/stderr\nstderr_logfile_maxbytes=0\npriority=20\nuser=appuser\n' > /etc/supervisor.d/supervisord.ini # buildkit

RUN |2 NODE_ENV=production BUILD_VERSION=unknown /bin/sh -c printf '#!/bin/sh\nnginx_status=$(curl -f -s http://localhost:8080/health > /dev/null && echo "ok" || echo "fail")\nbackend_status=$(curl -f -s http://localhost:3001/api/health > /dev/null && echo "ok" || echo "fail")\n\nif [ "$nginx_status" = "ok" ] && [ "$backend_status" = "ok" ]; then\n exit 0\nelse\n echo "Health check failed: nginx=$nginx_status, backend=$backend_status"\n exit 1\nfi' > /usr/local/bin/healthcheck.sh && chmod +x /usr/local/bin/healthcheck.sh # buildkit

RUN |2 NODE_ENV=production BUILD_VERSION=unknown /bin/sh -c chown -R appuser:appuser /data /app/backend /var/www/html /var/log/nginx /var/lib/nginx /var/tmp/nginx /run/nginx /etc/nginx /usr/local/bin/healthcheck.sh # buildkit

HEALTHCHECK &{["CMD-SHELL" "/usr/local/bin/healthcheck.sh"] "30s" "10s" "40s" "0s" '\x03'}

WORKDIR /app

EXPOSE [8080/tcp]

USER appuser

ENTRYPOINT ["/sbin/tini" "--"]

CMD ["/usr/bin/supervisord" "-c" "/etc/supervisor.d/supervisord.ini"]

LABEL traefik.enable=true

LABEL traefik.http.routers.app.rule=Host(\`your-domain.com\`)

LABEL traefik.http.routers.app.entrypoints=websecure

LABEL traefik.http.routers.app.tls.certresolver=letsencrypt

LABEL traefik.http.services.app.loadbalancer.server.port=8080

LABEL maintainer=Your Name <your.email@example.com>

LABEL version=unknown

LABEL description=Full Stack TypeScript Template - Traefik Ready

LABEL org.opencontainers.image.source=https://github.com/your-org/fullstack-typescript-template

LABEL org.opencontainers.image.documentation=https://github.com/your-org/fullstack-typescript-template#readme

LABEL org.opencontainers.image.vendor=Your Organization

LABEL org.opencontainers.image.licenses=MIT

Labels

Key	Value
description	Full Stack TypeScript Template - Traefik Ready
maintainer	Your Name <your.email@example.com>
org.opencontainers.image.documentation	https://github.com/your-org/fullstack-typescript-template#readme
org.opencontainers.image.licenses	MIT
org.opencontainers.image.source	https://github.com/your-org/fullstack-typescript-template
org.opencontainers.image.vendor	Your Organization
traefik.enable	true
traefik.http.routers.app.entrypoints	websecure
traefik.http.routers.app.rule	Host(\`your-domain.com\`)
traefik.http.routers.app.tls.certresolver	letsencrypt
traefik.http.services.app.loadbalancer.server.port	8080
version	unknown

Details

Container

2025-12-16 14:44:15 +01:00

0

OCI / Docker

Versions (7) View all

77d71611 2025-12-16

latest 2025-12-16

1d786234 2025-12-16

9073a271 2025-12-15

bacec8ba 2025-12-15