chore(docker): optimize Dockerfiles and add healthchecks for Coolify deployment

- Add build arguments and environment variables for OAuth client IDs in frontend Dockerfile - Install wget and add HEALTHCHECK commands to frontend and backend Dockerfiles - Create non-root user in backend Dockerfile for improved security - Update docker-compose.yml with healthcheck configurations and dynamic port/environment variable support - Add network configuration and restart policies to docker-compose services - Expand .env.example with additional OAuth secrets, ports, and environment variables for Coolify - Enhance README.md with detailed Coolify deployment instructions and required environment variables table
2026-01-31 11:06:16 +05:00
parent d5cb1ded3e
commit ab10baf983
5 changed files with 125 additions and 10 deletions
--- a/.env.example
+++ b/.env.example
@@ -1,10 +1,38 @@
+# CloudStream Transfer - Environment Variables
+# Copy this file to .env and fill in your values
+
+# ======================
+# OAuth Credentials
+# ======================
+
 # Microsoft Azure AD OAuth Configuration
 # Get your client ID from: https://portal.azure.com -> Azure Active Directory -> App registrations
 VITE_MS_CLIENT_ID=your_microsoft_client_id_here
+MS_CLIENT_SECRET=your_microsoft_client_secret_here

-# Google Cloud OAuth Configuration
+# Google Cloud OAuth Configuration  
 # Get your client ID from: https://console.cloud.google.com -> APIs & Services -> Credentials
 VITE_GOOGLE_CLIENT_ID=your_google_client_id_here
+GOOGLE_CLIENT_SECRET=your_google_client_secret_here

-# Note: Redirect URI should be set to your domain + /auth/callback
+# ======================
+# URLs & Redirects
+# ======================
+
+# For Coolify: Use your domain (e.g., https://cloudstream.yourdomain.com/auth/callback)
 # For local development: http://localhost:5173/auth/callback
+REDIRECT_URI=http://localhost:5173/auth/callback
+
+# Optional: Override API URL if backend is on different domain
+# VITE_API_URL=https://api.yourdomain.com
+
+# ======================
+# Ports (Coolify will override these)
+# ======================
+FRONTEND_PORT=80
+BACKEND_PORT=3001
+
+# ======================
+# Environment
+# ======================
+NODE_ENV=production
--- a/18
+++ b/18
@@ -1,8 +1,18 @@
-# Frontend Dockerfile
+# Frontend Dockerfile (Coolify Optimized)
 FROM node:20-alpine AS builder

 WORKDIR /app

+# Build arguments for environment variables
+ARG VITE_MS_CLIENT_ID
+ARG VITE_GOOGLE_CLIENT_ID
+ARG VITE_API_URL
+
+# Set as environment variables for build
+ENV VITE_MS_CLIENT_ID=$VITE_MS_CLIENT_ID
+ENV VITE_GOOGLE_CLIENT_ID=$VITE_GOOGLE_CLIENT_ID
+ENV VITE_API_URL=$VITE_API_URL
+
 # Copy package files
 COPY package*.json ./

@@ -18,6 +28,9 @@ RUN npm run build
 # Production stage
 FROM nginx:alpine

+# Install wget for healthcheck
+RUN apk add --no-cache wget
+
 # Copy built assets
 COPY --from=builder /app/dist /usr/share/nginx/html

@@ -26,4 +39,7 @@ COPY nginx.conf /etc/nginx/conf.d/default.conf

 EXPOSE 80

+HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
+    CMD wget -q --spider http://localhost:80 || exit 1
+
 CMD ["nginx", "-g", "daemon off;"]
--- a/README.md
+++ b/README.md
@@ -97,6 +97,41 @@ npm run dev
 - **Frontend**: React, TypeScript, Vite, Tailwind CSS, Lucide Icons, Shadcn UI
 - **Backend**: Node.js, Express, TypeScript, Axios, Microsoft Graph Client, Google APIs

+## Docker & Coolify Deployment
+
+### Local Docker
+```bash
+# Build and run with Docker Compose
+docker-compose up --build
+
+# Access at http://localhost
+```
+
+### Coolify Deployment
+
+#### From Public Repository
+1. In Coolify, go to **Projects → New → From Git Repository**
+2. Select **GitHub/GitLab/Bitbucket** and enter the repo URL
+3. Set **Build Pack** to `Docker Compose`
+4. Configure environment variables in Coolify's UI
+
+#### From Private Repository  
+1. In Coolify, go to **Settings → Private Keys** and add your SSH key
+2. Create new project with **Private Repository** option
+3. Use SSH URL: `git@github.com:username/repo.git`
+4. Configure environment variables in Coolify's UI
+
+#### Required Environment Variables (Coolify UI)
+| Variable | Description |
+|----------|-------------|
+| `VITE_MS_CLIENT_ID` | Microsoft/Azure OAuth Client ID |
+| `MS_CLIENT_SECRET` | Microsoft/Azure OAuth Secret |
+| `VITE_GOOGLE_CLIENT_ID` | Google OAuth Client ID |
+| `GOOGLE_CLIENT_SECRET` | Google OAuth Secret |
+| `REDIRECT_URI` | `https://yourdomain.com/auth/callback` |
+
+> **Important**: Update your OAuth app redirect URIs in Azure Portal and Google Cloud Console to match your Coolify domain.
+
 ## License

 ISC
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -5,24 +5,49 @@ services:
    build:
      context: .
      dockerfile: Dockerfile
+      args:
+        - VITE_MS_CLIENT_ID=${VITE_MS_CLIENT_ID}
+        - VITE_GOOGLE_CLIENT_ID=${VITE_GOOGLE_CLIENT_ID}
+        - VITE_API_URL=${VITE_API_URL:-}
    ports:
-      - "80:80"
+      - "${FRONTEND_PORT:-80}:80"
    depends_on:
-      - backend
-    environment:
-      - VITE_MS_CLIENT_ID=${VITE_MS_CLIENT_ID}
-      - VITE_GOOGLE_CLIENT_ID=${VITE_GOOGLE_CLIENT_ID}
+      backend:
+        condition: service_healthy
+    restart: unless-stopped
+    healthcheck:
+      test: [ "CMD", "wget", "-q", "--spider", "http://localhost:80" ]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 10s
+    labels:
+      - "coolify.managed=true"

  backend:
    build:
      context: ./server
      dockerfile: Dockerfile
    ports:
-      - "3001:3001"
+      - "${BACKEND_PORT:-3001}:3001"
    environment:
      - PORT=3001
+      - NODE_ENV=${NODE_ENV:-production}
      - VITE_MS_CLIENT_ID=${VITE_MS_CLIENT_ID}
      - MS_CLIENT_SECRET=${MS_CLIENT_SECRET}
      - VITE_GOOGLE_CLIENT_ID=${VITE_GOOGLE_CLIENT_ID}
      - GOOGLE_CLIENT_SECRET=${GOOGLE_CLIENT_SECRET}
      - REDIRECT_URI=${REDIRECT_URI}
+    restart: unless-stopped
+    healthcheck:
+      test: [ "CMD", "wget", "-q", "--spider", "http://localhost:3001/health" ]
+      interval: 30s
+      timeout: 10s
+      retries: 3
+      start_period: 15s
+    labels:
+      - "coolify.managed=true"
+
+networks:
+  default:
+    name: cloudstream-network
--- a/server/Dockerfile
+++ b/server/Dockerfile
@@ -1,4 +1,4 @@
-# Backend Dockerfile
+# Backend Dockerfile (Coolify Optimized)
 FROM node:20-alpine AS builder

 WORKDIR /app
@@ -20,6 +20,9 @@ FROM node:20-alpine

 WORKDIR /app

+# Install wget for healthcheck
+RUN apk add --no-cache wget
+
 # Copy package files and install production deps only
 COPY package*.json ./
 RUN npm ci --only=production
@@ -27,6 +30,14 @@ RUN npm ci --only=production
 # Copy built code
 COPY --from=builder /app/dist ./dist

+# Create non-root user for security
+RUN addgroup -g 1001 -S nodejs && \
+    adduser -S nodejs -u 1001
+USER nodejs
+
 EXPOSE 3001

+HEALTHCHECK --interval=30s --timeout=10s --start-period=10s --retries=3 \
+    CMD wget -q --spider http://localhost:3001/health || exit 1
+
 CMD ["node", "dist/index.js"]