diff --git a/frontend/Dockerfile b/frontend/Dockerfile index 8342060..09ca839 100644 --- a/frontend/Dockerfile +++ b/frontend/Dockerfile @@ -31,16 +31,23 @@ ENV NEXT_TELEMETRY_DISABLED=1 RUN npm run build && \ rm -rf node_modules/.cache .next/cache -# Stage 4: Production Runner -FROM base AS runner -WORKDIR /app -ENV NODE_ENV=production -ENV NEXT_TELEMETRY_DISABLED=1 -ENV PORT=3000 -ENV HOSTNAME="0.0.0.0" - -RUN addgroup --system --gid 1001 nodejs -RUN adduser --system --uid 1001 nextjs +# Stage 4: Production Runner +FROM base AS runner +WORKDIR /app +ENV NODE_ENV=production +ENV NEXT_TELEMETRY_DISABLED=1 +ENV PORT=3000 +ENV HOSTNAME="0.0.0.0" + +# Runtime environment variables (read by /api/config endpoint) +# These can be overridden at container runtime +ARG API_URL=https://api-local.gohorsejobs.com +ARG BACKOFFICE_URL=https://b-local.gohorsejobs.com +ENV API_URL=$API_URL +ENV BACKOFFICE_URL=$BACKOFFICE_URL + +RUN addgroup --system --gid 1001 nodejs +RUN adduser --system --uid 1001 nextjs COPY --from=builder /app/public ./public COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./ diff --git a/seeder-api/Dockerfile b/seeder-api/Dockerfile index 170882e..26d150f 100644 --- a/seeder-api/Dockerfile +++ b/seeder-api/Dockerfile @@ -30,8 +30,8 @@ ENV NODE_ENV=production \ EXPOSE 8080 -# Health check with longer timeout -HEALTHCHECK --interval=30s --timeout=10s --start-period=10s --retries=3 \ +# Health check with longer timeout for database operations +HEALTHCHECK --interval=30s --timeout=30s --start-period=30s --retries=3 \ CMD wget -qO- http://localhost:8080/health || exit 1 CMD ["node", "src/server.js"] diff --git a/seeder-api/src/db.js b/seeder-api/src/db.js index 231fe8f..5d6af7c 100644 --- a/seeder-api/src/db.js +++ b/seeder-api/src/db.js @@ -15,11 +15,27 @@ const { DB_SSLMODE = 'disable', } = process.env; -const config = DATABASE_URL +// Parse sslmode from DATABASE_URL if present +const parseSslMode = (url) => { + const match = url.match(/sslmode=(\w+)/i); + return match ? match[1].toLowerCase() : null; +}; + +const sslModeFromUrl = DATABASE_URL ? parseSslMode(DATABASE_URL) : null; +const effectiveSslMode = sslModeFromUrl || DB_SSLMODE.toLowerCase(); + +// Determine if SSL should be used +const shouldUseSsl = effectiveSslMode === 'require' || effectiveSslMode === 'prefer'; + +// Clean DATABASE_URL - remove sslmode parameter +const cleanDatabaseUrl = DATABASE_URL + ? DATABASE_URL.replace(/[?&]sslmode=\w+/gi, '').replace(/\?$/, '') + : null; + +const config = cleanDatabaseUrl ? { - // Remove sslmode from connection string to avoid conflicts - connectionString: DATABASE_URL.replace('?sslmode=require', '').replace('&sslmode=require', ''), - ssl: { rejectUnauthorized: false } + connectionString: cleanDatabaseUrl, + ssl: shouldUseSsl ? { rejectUnauthorized: false } : false, } : { host: DB_HOST, @@ -27,7 +43,7 @@ const config = DATABASE_URL user: DB_USER, password: DB_PASSWORD, database: DB_NAME, - ssl: DB_SSLMODE === 'require' ? { rejectUnauthorized: false } : false, + ssl: shouldUseSsl ? { rejectUnauthorized: false } : false, }; console.log('🔌 DB Config:', {