From 05b29a62bb9358d6a79ebd671c6479b63e817632 Mon Sep 17 00:00:00 2001
From: whidix <theodor.vallier@whidix.dev>
Date: Sun, 8 Mar 2026 15:37:59 +0100
Subject: [PATCH] feat: add Dockerfile and entrypoint script for containerized
 application

---
 .gitea/workflows/build-image.yaml | 70 +++++++++++++++++++++++++++++++
 Dockerfile                        | 28 +++++++++++++
 docker-entrypoint.sh              |  9 ++++
 3 files changed, 107 insertions(+)
 create mode 100644 .gitea/workflows/build-image.yaml
 create mode 100644 Dockerfile
 create mode 100644 docker-entrypoint.sh

diff --git a/.gitea/workflows/build-image.yaml b/.gitea/workflows/build-image.yaml
new file mode 100644
index 0000000..8641bf6
--- /dev/null
+++ b/.gitea/workflows/build-image.yaml
@@ -0,0 +1,70 @@
+name: Build Docker Image
+
+on:
+  push:
+    branches:
+      - main
+    tags:
+      - '*'
+
+env:
+  GITEA_REGISTRY: ${{ gitea.server_url }}
+  GITEA_USERNAME: ${{ gitea.actor }}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      
+      - name: Determine image tag
+        id: tag
+        run: |
+          if [[ "${{ github.ref }}" == refs/tags/* ]]; then
+            TAG=${GITHUB_REF#refs/tags/}
+          elif [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
+            TAG=main
+          else
+            echo "Not on main branch or a tag, skipping build"
+            exit 1
+          fi
+          echo "tag=$TAG" >> $GITHUB_OUTPUT
+          
+          # Remove protocol from registry URL
+          REGISTRY="${{ env.GITEA_REGISTRY }}"
+          REGISTRY="${REGISTRY#https://}"
+          REGISTRY="${REGISTRY#http://}"
+          echo "registry=$REGISTRY" >> $GITHUB_OUTPUT
+          
+          # Lowercase repository name
+          REPO="${{ gitea.repository }}"
+          REPO="${REPO,,}"
+          echo "repository=$REPO" >> $GITHUB_OUTPUT
+      
+      - name: Login to Gitea Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ steps.tag.outputs.registry }}
+          username: ${{ vars.REGISTRY_USERNAME }}
+          password: ${{ secrets.REGISTRY_TOKEN }}
+      
+      - name: Build and push Docker image
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile
+          push: true
+          tags: |
+            ${{ steps.tag.outputs.registry }}/${{ steps.tag.outputs.repository }}:${{ steps.tag.outputs.tag }}
+            ${{ steps.tag.outputs.registry }}/${{ steps.tag.outputs.repository }}:latest
+      
+      - name: Call deployment webhook
+        if: ${{ secrets.DEPLOYMENT_WEBHOOK != '' }}
+        run: |
+          curl -k -X POST ${{ secrets.DEPLOYMENT_WEBHOOK }} \
+            -H 'Content-Type: application/json'
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..a422a22
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,28 @@
+FROM node:24-alpine AS builder
+WORKDIR /app
+
+COPY package*.json ./
+RUN npm ci
+
+COPY . .
+
+RUN npm run build
+
+FROM node:24-alpine AS runner
+WORKDIR /app
+ENV NODE_ENV=production
+
+COPY --from=builder /app/node_modules ./node_modules
+COPY --from=builder /app/build ./build
+COPY --from=builder /app/drizzle ./drizzle
+# TODO: Need to generate schema outside of src during build to avoid copying all of src
+COPY --from=builder /app/src ./src
+COPY --from=builder /app/drizzle.config.ts ./
+COPY --from=builder /app/package.json ./
+
+COPY docker-entrypoint.sh /app/docker-entrypoint.sh
+RUN chmod +x /app/docker-entrypoint.sh
+
+EXPOSE 3000
+
+ENTRYPOINT ["/app/docker-entrypoint.sh"]
\ No newline at end of file
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
new file mode 100644
index 0000000..aec6f53
--- /dev/null
+++ b/docker-entrypoint.sh
@@ -0,0 +1,9 @@
+#!/bin/sh
+set -e
+
+# Migrate the database
+npm run db:migrate
+
+# Start the production server
+node build/index.js
+