mirror of
				https://github.com/TriliumNext/Notes.git
				synced 2025-10-25 00:31:43 +08:00 
			
		
		
		
	
		
			
				
	
	
		
			51 lines
		
	
	
		
			1.6 KiB
		
	
	
	
		
			Docker
		
	
	
	
	
	
			
		
		
	
	
			51 lines
		
	
	
		
			1.6 KiB
		
	
	
	
		
			Docker
		
	
	
	
	
	
| FROM node:22.16.0-alpine AS builder
 | |
| RUN corepack enable
 | |
| 
 | |
| # Install native dependencies since we might be building cross-platform.
 | |
| WORKDIR /usr/src/app
 | |
| COPY ./docker/package.json ./docker/pnpm-workspace.yaml /usr/src/app/
 | |
| # We have to use --no-frozen-lockfile due to CKEditor patches
 | |
| RUN pnpm install --no-frozen-lockfile --prod && pnpm rebuild
 | |
| 
 | |
| FROM node:22.16.0-alpine
 | |
| # Create a non-root user with configurable UID/GID
 | |
| ARG USER=trilium
 | |
| ARG UID=1001
 | |
| ARG GID=1001
 | |
| ENV USER=${USER}
 | |
| ENV UID=${UID}
 | |
| ENV GID=${GID}
 | |
| 
 | |
| # Install runtime dependencies and create user with specific UID/GID
 | |
| RUN apk add --no-cache dumb-init && \
 | |
|     apk add --no-cache bash && \
 | |
|     # Alpine uses addgroup/adduser (from busybox) instead of groupadd/useradd
 | |
|     addgroup -g ${GID} ${USER} && \
 | |
|     adduser -u ${UID} -G ${USER} -s /bin/sh -D -h /home/${USER} ${USER}
 | |
| 
 | |
| WORKDIR /home/${USER}/app
 | |
| COPY ./dist /home/${USER}/app
 | |
| # Also copy the rootless entrypoint script
 | |
| COPY rootless-entrypoint.sh /home/${USER}/app/
 | |
| RUN rm -rf /home/${USER}/app/node_modules/better-sqlite3
 | |
| COPY --from=builder /usr/src/app/node_modules/better-sqlite3 /home/${USER}/app/node_modules/better-sqlite3
 | |
| RUN chown -R ${USER}:${USER} /home/${USER}
 | |
| 
 | |
| # Configure container
 | |
| USER ${USER}
 | |
| EXPOSE 8080
 | |
| 
 | |
| # By default, use UID/GID that was set during build
 | |
| # These can be overridden at runtime
 | |
| ENV TRILIUM_UID=${UID}
 | |
| ENV TRILIUM_GID=${GID}
 | |
| ENV TRILIUM_DATA_DIR=/home/${USER}/trilium-data
 | |
| 
 | |
| # Use dumb-init as entrypoint to handle signals properly
 | |
| ENTRYPOINT ["/usr/bin/dumb-init", "--"]
 | |
| 
 | |
| # Use the entrypoint script
 | |
| CMD [ "bash", "./rootless-entrypoint.sh" ]
 | |
| 
 | |
| HEALTHCHECK --start-period=10s CMD node /home/${USER}/app/docker_healthcheck.js
 | 
![renovate[bot]](/assets/img/avatar_default.png)