packages/ui/Dockerfile

# 根据目标平台选择基础镜像：amd64/arm64 用 trixie-slim，arm/v7 没有 trixie-slim 发布，回退到 alpine
FROM --platform=linux/amd64 node:22-trixie-slim AS base-amd64
FROM --platform=linux/arm64 node:22-trixie-slim AS base-arm64
FROM --platform=linux/arm/v7 node:22-alpine AS base-arm-v7

FROM base-${TARGETARCH}${TARGETVARIANT:+-}${TARGETVARIANT} AS builder

WORKDIR /workspace/
COPY . /workspace/
# pnpm v11打包会报错（[ERR_PNPM_IGNORED_BUILDS] Ignored build scripts），暂时固定10.33.4版本。
# https://pnpm.io/zh/migration
RUN npm install -g pnpm@10.33.4

RUN cp /workspace/certd-client/dist/* /workspace/certd-server/public/ -rf
RUN cd /workspace/certd-server && pnpm install && npm run build-on-docker


FROM base-${TARGETARCH}${TARGETVARIANT:+-}${TARGETVARIANT}
EXPOSE 7001
EXPOSE 7002

# 根据基础镜像发行版选择包管理器
# trixie-slim -> apt-get, alpine -> apk
RUN if [ -f /etc/debian_version ]; then \
        apt-get update \
        && apt-get install -y --no-install-recommends \
            ca-certificates \
            gnupg \
            wget \
            openssl \
            netcat-openbsd \
            iputils-ping \
            dnsutils \
            iproute2 \
        && wget -O - https://packages.adoptium.net/artifactory/api/gpg/key/public | gpg --dearmor | tee /usr/share/keyrings/adoptium.gpg > /dev/null \
        && echo "deb [signed-by=/usr/share/keyrings/adoptium.gpg] https://packages.adoptium.net/artifactory/deb bookworm main" | tee /etc/apt/sources.list.d/adoptium.list \
        && apt-get update \
        && apt-get install -y --no-install-recommends temurin-8-jre \
        && apt-get clean \
        && rm -rf /var/lib/apt/lists/*; \
    elif [ -f /etc/alpine-release ]; then \
        apk add --no-cache \
            openssl \
            openjdk8-jre; \
    else \
        echo "Unsupported base image"; exit 1; \
    fi

WORKDIR /app/

ENV TERM=xterm
ENV LEGO_VERSION=4.30.1
ENV LEGO_DOWNLOAD_DIR=/app/tools/lego

ENV ALIYUN_CLIENT_CONNECT_TIMEOUT=10000
ENV ALIYUN_CLIENT_READ_TIMEOUT=20000

RUN mkdir -p $LEGO_DOWNLOAD_DIR

# 根据架构下载不同的文件
RUN ARCH=$(uname -m) && \
    if [ "$ARCH" = "x86_64" ]; then \
        wget -O $LEGO_DOWNLOAD_DIR/lego_v${LEGO_VERSION}_linux_amd64.tar.gz https://github.com/go-acme/lego/releases/download/v${LEGO_VERSION}/lego_v${LEGO_VERSION}_linux_amd64.tar.gz; \
    elif [ "$ARCH" = "aarch64" ]; then \
        wget -O $LEGO_DOWNLOAD_DIR/lego_v${LEGO_VERSION}_linux_arm64.tar.gz https://github.com/go-acme/lego/releases/download/v${LEGO_VERSION}/lego_v${LEGO_VERSION}_linux_arm64.tar.gz; \
    else \
        # armv7 不支持lego 不要再尝试了
        echo "Unsupported architecture: $ARCH"; \
    fi

ENV TZ=Asia/Shanghai
ENV NODE_ENV=production
ENV MIDWAY_SERVER_ENV=production

COPY --from=builder /workspace/certd-server/ /app/
COPY ./patch/ssh2/*.js /app/node_modules/.pnpm/node_modules/ssh2/lib/protocol/
CMD ["node", "--optimize-for-size", "./bootstrap.js"]
-											build(ui): 重构Dockerfile支持多架构
										
										
											2026-06-16 23:41:40 +08:00
+								# 根据目标平台选择基础镜像：amd64/arm64 用 trixie-slim，arm/v7 没有 trixie-slim 发布，回退到 alpine
 								FROM --platform=linux/amd64 node:22-trixie-slim AS base-amd64
 								FROM --platform=linux/arm64 node:22-trixie-slim AS base-arm64
-											chore: 1
										
										
											2026-06-17 00:04:24 +08:00
+								FROM --platform=linux/arm/v7 node:22-alpine AS base-arm-v7
-											perf: 升级lego到4.30.1版本
										
										
											2025-12-29 16:44:00 +08:00
-											build(ui): 重构Dockerfile支持多架构
										
										
											2026-06-16 23:41:40 +08:00
+								FROM base-${TARGETARCH}${TARGETVARIANT:+-}${TARGETVARIANT} AS builder
-											perf: 升级lego到4.30.1版本
										
										
											2025-12-29 16:44:00 +08:00
-											chore: 重构image build
										
										
											2024-07-20 19:38:15 +08:00
+								WORKDIR /workspace/
-											chore:
										
										
											2024-07-21 03:21:51 +08:00
+								COPY . /workspace/
-											chore: 打包报错， 固定pnpm@10.33.4
										
										
											2026-05-11 09:39:04 +08:00
+								# pnpm v11打包会报错（[ERR_PNPM_IGNORED_BUILDS] Ignored build scripts），暂时固定10.33.4版本。
 								# https://pnpm.io/zh/migration
 								RUN npm install -g pnpm@10.33.4
-											chore: 重构image build
										
										
											2024-07-20 19:38:15 +08:00
-											chore:
										
										
											2024-07-26 22:01:42 +08:00
+								RUN cp /workspace/certd-client/dist/* /workspace/certd-server/public/ -rf
-											chore:
										
										
											2024-09-09 17:35:10 +08:00
+								RUN cd /workspace/certd-server && pnpm install && npm run build-on-docker
-											chore: 重构image build
										
										
											2024-07-20 19:38:15 +08:00
-											chore: 修复 ui-server 加载失败问题
										
										
											2025-09-27 08:26:18 +08:00
-											build(ui): 重构Dockerfile支持多架构
										
										
											2026-06-16 23:41:40 +08:00
+								FROM base-${TARGETARCH}${TARGETVARIANT:+-}${TARGETVARIANT}
-											fix: 修复某些容器管理ui无法识别端口列表的bug
										
										
											2024-11-08 14:14:21 +08:00
+								EXPOSE 7001
 								EXPOSE 7002
-											perf: 升级lego到4.30.1版本
										
										
											2025-12-29 16:44:00 +08:00
-											chore: 1
										
										
											2026-06-17 00:26:50 +08:00
+								# 根据基础镜像发行版选择包管理器
 								# trixie-slim -> apt-get, alpine -> apk
-											build(ui): 重构Dockerfile支持多架构
										
										
											2026-06-16 23:41:40 +08:00
+								RUN if [ -f /etc/debian_version ]; then \
-											chore: 1
										
										
											2026-06-17 00:26:50 +08:00
+								        apt-get update \
 								        && apt-get install -y --no-install-recommends \
-											build(ui): 重构Dockerfile支持多架构
										
										
											2026-06-16 23:41:40 +08:00
+								            ca-certificates \
 								            gnupg \
 								            wget \
 								            openssl \
 								            netcat-openbsd \
 								            iputils-ping \
 								            dnsutils \
 								            iproute2 \
 								        && wget -O - https://packages.adoptium.net/artifactory/api/gpg/key/public | gpg --dearmor | tee /usr/share/keyrings/adoptium.gpg > /dev/null \
 								        && echo "deb [signed-by=/usr/share/keyrings/adoptium.gpg] https://packages.adoptium.net/artifactory/deb bookworm main" | tee /etc/apt/sources.list.d/adoptium.list \
 								        && apt-get update \
 								        && apt-get install -y --no-install-recommends temurin-8-jre \
 								        && apt-get clean \
 								        && rm -rf /var/lib/apt/lists/*; \
 								    elif [ -f /etc/alpine-release ]; then \
 								        apk add --no-cache \
 								            openssl \
-											chore: 1
										
										
											2026-06-17 00:26:50 +08:00
+								            openjdk8-jre; \
-											build(ui): 重构Dockerfile支持多架构
										
										
											2026-06-16 23:41:40 +08:00
+								    else \
 								        echo "Unsupported base image"; exit 1; \
 								    fi
-											perf: 基础镜像改成node:22-trixie-slim，对网络兼容性更好
										
										
											2026-06-15 23:24:06 +08:00
-											chore: 重构image build
										
										
											2024-07-20 19:38:15 +08:00
+								WORKDIR /app/
-											chore: 解压lego之后，设置为可执行
										
										
											2024-11-02 23:37:25 +08:00
-											chore: 1
										
										
											2026-06-17 00:26:50 +08:00
+								ENV TERM=xterm
-											perf: 升级lego到4.30.1版本
										
										
											2025-12-29 16:44:00 +08:00
+								ENV LEGO_VERSION=4.30.1
-											chore: build 1.33.0
										
										
											2025-04-12 03:03:26 +08:00
+								ENV LEGO_DOWNLOAD_DIR=/app/tools/lego
-											perf: 优化阿里云连接超时时长为10秒，支持配置环境变量
										
										
											2026-03-11 23:10:37 +08:00
 								ENV ALIYUN_CLIENT_CONNECT_TIMEOUT=10000
 								ENV ALIYUN_CLIENT_READ_TIMEOUT=20000
-											chore:
										
										
											2024-11-04 13:32:02 +08:00
+								RUN mkdir -p $LEGO_DOWNLOAD_DIR
 								# 根据架构下载不同的文件
-											perf: dns默认ipv4first
										
										
											2026-06-14 23:18:37 +08:00
+								RUN ARCH=$(uname -m) && \
 								    if [ "$ARCH" = "x86_64" ]; then \
 								        wget -O $LEGO_DOWNLOAD_DIR/lego_v${LEGO_VERSION}_linux_amd64.tar.gz https://github.com/go-acme/lego/releases/download/v${LEGO_VERSION}/lego_v${LEGO_VERSION}_linux_amd64.tar.gz; \
 								    elif [ "$ARCH" = "aarch64" ]; then \
 								        wget -O $LEGO_DOWNLOAD_DIR/lego_v${LEGO_VERSION}_linux_arm64.tar.gz https://github.com/go-acme/lego/releases/download/v${LEGO_VERSION}/lego_v${LEGO_VERSION}_linux_arm64.tar.gz; \
 								    else \
-											chore: 1
										
										
											2026-06-17 00:39:04 +08:00
+								        # armv7 不支持lego 不要再尝试了
-											perf: dns默认ipv4first
										
										
											2026-06-14 23:18:37 +08:00
+								        echo "Unsupported architecture: $ARCH"; \
 								    fi
-											perf: lego 升级到 4.19.2
										
										
											2024-10-30 16:12:08 +08:00
-											chore: build 1.33.0
										
										
											2025-04-12 03:03:26 +08:00
+								ENV TZ=Asia/Shanghai
 								ENV NODE_ENV=production
 								ENV MIDWAY_SERVER_ENV=production
-											chore(nettest): 修复跨平台端口测试匹配逻辑
										
										
											2026-06-16 00:15:42 +08:00
 								COPY --from=builder /workspace/certd-server/ /app/
 								COPY ./patch/ssh2/*.js /app/node_modules/.pnpm/node_modules/ssh2/lib/protocol/
-											perf: 优化内存占用
										
										
											2026-01-14 11:37:20 +08:00
+								CMD ["node", "--optimize-for-size", "./bootstrap.js"]