7 changes: 7 additions & 0 deletions Dockerfile
@@ -0,0 +1,7 @@
FROM node:20-alpine
Contributor

suggestion (performance): Add a .dockerignore to reduce build context

Exclude node_modules, .git, and logs in your .dockerignore to speed up builds and reduce image size.

Suggested implementation:

```
node_modules
.git
logs
*.log
npm-debug.log
```

WORKDIR /usr/src/app
COPY package*.json ./
RUN npm ci --omit=dev
COPY . .
Contributor

medium

The COPY . . instruction copies all files from the build context into the image. Without a .dockerignore file, this can include unnecessary files like .git, node_modules (if present locally), or build artifacts, increasing image size and build time. Consider adding a .dockerignore file to exclude these.

EXPOSE 3000
CMD ["node","server.js"]
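
Review bot: `COPY . .` will copy a local `.env` into an image layer. The README in this change tells users to create `.env`, Compose reads that file from the project directory, and docker-compose.yml uses the same directory as build context (`build: .`). The file holds SUPABASE_SERVICE_KEY and SESSION_SECRET, so anyone who can pull or inspect the image can read them. Add `.env` to a `.dockerignore` before merging; the values still reach the container at run time through the `environment:` entries in docker-compose.yml. Separately, `FROM node:20-alpine` is a floating tag, and pinning it by digest would make rebuilds reproducible.
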
Comment on lines +1 to +7
Contributor

medium

It's generally recommended to run containers as a non-root user for security reasons. While less critical for local development, adopting this practice early is beneficial.

```dockerfile
FROM node:20-alpine
WORKDIR /usr/src/app
COPY package*.json ./
RUN npm ci --omit=dev
COPY . .
EXPOSE 3000
USER node
CMD ["node","server.js"]
```

Contributor

security (missing-user): By not specifying a USER, a program in the container may run as 'root'. This is a security hazard. If an attacker can control a process running as root, they may have control over the container. Ensure that the last USER in a Dockerfile is a USER other than 'root'.

Suggested change
```diff
- CMD ["node","server.js"]
+ USER non-root
+ CMD ["node","server.js"]
```

Source: opengrep

11 changes: 11 additions & 0 deletions README.md
@@ -156,6 +156,17 @@ PORT=3000
NODE_ENV=development
```

## Docker Usage

To run Wirebase locally with Docker:

1. Create a `.env` file using the environment variables shown above.
Contributor

medium

The .env file needs to contain the Supabase keys (SUPABASE_URL, SUPABASE_KEY, SUPABASE_SERVICE_KEY) and SESSION_SECRET as these are passed through to the container via docker-compose.yml. The example .env section above only lists PORT and NODE_ENV. It would be helpful to explicitly list all required variables for the Docker setup here.

2. Build and start the containers:
```bash
docker-compose up --build
```
The app will be available at `http://localhost:3000`.

## License
Comment on lines +168 to 170
Contributor

suggestion: Consider adding instructions for stopping the Docker containers.

Including a note about using docker-compose down would help users clean up containers after running the app.

Suggested change
```diff
- The app will be available at `http://localhost:3000`.
- ## License
+ The app will be available at `http://localhost:3000`.
+ 3. To stop and remove the containers, networks, and volumes created by `up`, run:
+ ```bash
+ docker-compose down
+ ```
+ ## License
```

This project is available under the MIT License. See the [LICENSE](LICENSE) file for details.
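
Review bot: step 1 has users put secrets in `.env` but never says the file must stay out of version control. docker-compose.yml in this change reads SUPABASE_SERVICE_KEY and SESSION_SECRET from it, so add a sentence telling users not to commit `.env`, confirm it is listed in `.gitignore`, and consider shipping a `.env.example` with placeholder values that this step can point to.
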
25 changes: 25 additions & 0 deletions docker-compose.yml
@@ -0,0 +1,25 @@
version: '3.8'
services:
app:
Contributor

suggestion: Add a restart policy for the app service

Consider adding a restart policy (e.g., unless-stopped or always) to ensure the container restarts automatically after crashes or reboots.

build: .
ports:
- "3000:3000"
environment:
- PORT=3000
- DATABASE_URL=postgres://postgres:postgres@db:5432/wirebase
- SUPABASE_URL=${SUPABASE_URL}
- SUPABASE_KEY=${SUPABASE_KEY}
- SUPABASE_SERVICE_KEY=${SUPABASE_SERVICE_KEY}
- SESSION_SECRET=${SESSION_SECRET}
Comment on lines +7 to +13
Contributor

high

The application's database connection logic in server.js uses process.env.SUPABASE_URL to determine the database host for Knex, and also initializes Supabase clients using the Supabase keys. This means the app will attempt to connect to the remote Supabase instance even when running in Docker Compose.

To use the local Postgres service (db) defined in this file, the application code needs to be updated to conditionally use the DATABASE_URL environment variable (which points to the db service) when running in the Docker Compose environment (e.g., based on a new IS_DOCKER environment variable). This is a critical correctness issue that will prevent the app from working with the local database.

depends_on:
- db
db:
Contributor

suggestion: Add a healthcheck for the database service

This will help prevent startup connection errors by ensuring the app only starts when the database is ready.

image: postgres:15-alpine
environment:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: wirebase
volumes:
- db-data:/var/lib/postgresql/data
volumes:
db-data:
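
Review bot: the `${...}` entries under `environment:` resolve to an empty string when the variable is unset, so a missing or incomplete `.env` starts the app with an empty `SESSION_SECRET` and only a warning from Compose. Use the required-variable form so `up` fails instead, for example `- SESSION_SECRET=${SESSION_SECRET:?SESSION_SECRET must be set}`, and do the same for the three Supabase variables. Two smaller points: `"3000:3000"` publishes the port on every host interface, and `"127.0.0.1:3000:3000"` would keep the local setup the README describes off the network; and the `postgres`/`postgres` credentials are hard-coded in both `DATABASE_URL` and `POSTGRES_PASSWORD`, so they are better read from `.env` like the other secrets.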