From 124c6a632affbac94a9b18585e2692abc50dcb79 Mon Sep 17 00:00:00 2001
From: "T. Zehetbauer" <125989630+4thTomost@users.noreply.github.com>
Date: Fri, 3 Apr 2026 09:37:36 +0200
Subject: [PATCH] feat: update Docker configuration for improved performance
 and add local environment example

---
 .dockerignore            |  6 +++++-
 .env.local.example       | 19 +++++++++++++++++++
 Dockerfile               | 22 +++++++++-------------
 apps/web/next.config.mjs |  1 -
 docker-compose.local.yml |  3 +--
 5 files changed, 34 insertions(+), 17 deletions(-)
 create mode 100644 .env.local.example

diff --git a/.dockerignore b/.dockerignore
index afbfc0dca..0dfe8e3f3 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -3,8 +3,9 @@ node_modules
 .turbo
 **/.turbo
 .git
-*.md
 .env*
+!.env.example
+!.env.local.example
 .DS_Store
 apps/e2e
 apps/dev-tool
@@ -16,3 +17,6 @@ apps/dev-tool
 .github
 docs
 **/*.tsbuildinfo
+**/*.md
+!**/AGENTS.md
+!**/CLAUDE.md
diff --git a/.env.local.example b/.env.local.example
new file mode 100644
index 000000000..51ac484d7
--- /dev/null
+++ b/.env.local.example
@@ -0,0 +1,19 @@
+# =====================================================
+# MyEasyCMS v2 — Local Development Environment
+# Copy to .env and run: docker compose -f docker-compose.local.yml up -d
+# =====================================================
+
+# --- Database ---
+POSTGRES_PASSWORD=postgres
+
+# --- Supabase Auth ---
+JWT_SECRET=super-secret-jwt-token-with-at-least-32-characters-long
+
+# --- Supabase Keys (demo keys — safe for local dev only) ---
+SUPABASE_ANON_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6ImFub24iLCJleHAiOjE5ODM4MTI5OTZ9.CRXP1A7WOeoJeXxjNni43kdQwgnWNReilDMblYTn_I0
+SUPABASE_SERVICE_ROLE_KEY=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJzdXBhYmFzZS1kZW1vIiwicm9sZSI6InNlcnZpY2Vfcm9sZSIsImV4cCI6MTk4MzgxMjk5Nn0.EGIM96RAZx35lJzdJsyH-qQwv8Hdp7fsn3W0YpN81IU
+
+# --- Stripe (test keys) ---
+# Get your own test keys from https://dashboard.stripe.com/test/apikeys
+NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=pk_test_YOUR_KEY
+STRIPE_SECRET_KEY=sk_test_YOUR_KEY
diff --git a/Dockerfile b/Dockerfile
index d14450b2b..24edc46a5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,18 +1,15 @@
-FROM node:22-alpine AS base
+# node:22-slim (Debian/glibc) is ~2x faster for Next.js builds vs Alpine/musl
+FROM node:22-slim AS base
 RUN corepack enable && corepack prepare pnpm@latest --activate
 WORKDIR /app
 
-# --- Install + Build in one stage ---
+# --- Install + Build ---
 FROM base AS builder
-# CACHE_BUST: change this value to force a full rebuild (busts Docker layer cache)
-ARG CACHE_BUST=14
-RUN echo "Cache bust: ${CACHE_BUST}"
 COPY . .
-RUN pnpm install --no-frozen-lockfile
+RUN --mount=type=cache,id=pnpm,target=/root/.local/share/pnpm/store \
+    pnpm install --no-frozen-lockfile --prefer-offline
 ENV NEXT_TELEMETRY_DISABLED=1
 
-# NEXT_PUBLIC_* vars are baked into the Next.js build at compile time.
-# Pass them as build args so the same Dockerfile works for any environment.
 ARG NEXT_PUBLIC_CI=false
 ARG NEXT_PUBLIC_SITE_URL=https://myeasycms.de
 ARG NEXT_PUBLIC_SUPABASE_URL=http://localhost:8000
@@ -35,17 +32,16 @@ ENV NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY=${NEXT_PUBLIC_STRIPE_PUBLISHABLE_KEY}
 ENV NEXT_PUBLIC_BILLING_PROVIDER=${NEXT_PUBLIC_BILLING_PROVIDER}
 RUN pnpm --filter web build
 
-# --- Run ---
-FROM base AS runner
+# --- Run (slim for smaller image than full Debian) ---
+FROM node:22-slim AS runner
+RUN corepack enable && corepack prepare pnpm@latest --activate
 WORKDIR /app
 ENV NODE_ENV=production
 ENV NEXT_TELEMETRY_DISABLED=1
 
 COPY --from=builder /app/ ./
 
-RUN addgroup --system --gid 1001 nodejs && adduser --system --uid 1001 nextjs
-
-# Ensure Next.js cache directories are writable by the nextjs user
+RUN groupadd --system --gid 1001 nodejs && useradd --system --uid 1001 nextjs
 RUN mkdir -p /app/apps/web/.next/cache && chown -R nextjs:nodejs /app/apps/web/.next/cache
 
 USER nextjs
diff --git a/apps/web/next.config.mjs b/apps/web/next.config.mjs
index 2b101d068..bdb04e3f9 100644
--- a/apps/web/next.config.mjs
+++ b/apps/web/next.config.mjs
@@ -41,7 +41,6 @@ const INTERNAL_PACKAGES = [
 
 /** @type {import('next').NextConfig} */
 const config = {
-  output: 'standalone',
   reactStrictMode: true,
   /** Enables hot reloading for local packages without a build step */
   transpilePackages: INTERNAL_PACKAGES,
diff --git a/docker-compose.local.yml b/docker-compose.local.yml
index 83ad376b1..a39069592 100644
--- a/docker-compose.local.yml
+++ b/docker-compose.local.yml
@@ -18,7 +18,7 @@ services:
     image: supabase/postgres:15.8.1.060
     restart: unless-stopped
     ports:
-      - '54322:5432'
+      - '54322:54322'
     volumes:
       - supabase-db-data:/var/lib/postgresql/data
       - ./docker/db/zzz-role-passwords.sh:/docker-entrypoint-initdb.d/zzz-role-passwords.sh:ro
@@ -317,7 +317,6 @@ services:
       context: .
       dockerfile: Dockerfile
       args:
-        # NEXT_PUBLIC_CI=true bypasses the HTTPS check during build
         NEXT_PUBLIC_CI: 'true'
         NEXT_PUBLIC_SITE_URL: http://localhost:3000
         NEXT_PUBLIC_SUPABASE_URL: http://localhost:8000