GuillaumeHemmen/debian-node-firebase
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages1 Wiki Activity Actions
debian-node-firebase/Dockerfile
Guillaume "B.B." Van Hemmen 711d246fc3
 - Improve Dockerfile NVM setup and persist environment configuration 
Refined NVM setup to ensure persistence across shells, updated PATH for non-interactive shells, and optimized Node.js and package installation.
2025-07-14 18:28:45 +02:00

82 lines
2.9 KiB
Docker
Raw Blame History

FROM debian:12
# Metadata
LABEL maintainer="guillaume@van-hemmen.com"
# Build arguments
ARG ARG_TZ="Europe/Paris"
ARG ARG_NODE_MAJOR=22
ARG GITIGNORE_URL="https://www.toptal.com/developers/gitignore/api/linux,jetbrains+all,visualstudio,visualstudiocode"
# System configuration and timezone setup
RUN ln -snf /usr/share/zoneinfo/$ARG_TZ /etc/localtime && \
echo $ARG_TZ > /etc/timezone
# Install system packages in a single RUN to reduce layers
# Split into logical groups for better readability
RUN apt-get update && \
apt-get upgrade -y && \
apt-get install -y \
build-essential \
ca-certificates \
curl \
git \
gnupg2 \
jq \
nano \
procps \
python3 \
sudo \
unzip \
wget && \
# Clean up apt cache to reduce image size
rm -rf /var/lib/apt/lists/*
# User setup and security configuration
# Create non-root user 'coder' with sudo privileges
RUN useradd -m -s /bin/bash -G sudo coder && \
echo "coder ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/coder
# Configure shell environment and git global configuration
RUN echo "PS1='🐳 \[\033[1;36m\] \[\033[1;34m\]\W\[\033[0;35m\] \[\033[1;36m\]# \[\033[0m\]'" > /home/coder/.bashrc && \
mkdir -p /workspaces && \
chown coder:coder /home/coder/.bashrc && \
chown -R coder:coder /workspaces
# Run trivy to scan the system. Exit code is set to 0 as 1 would never allow to pass the scan due to debian known vulns
RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin \
&& trivy filesystem --exit-code 0 --no-progress / \
&& rm -rf /usr/local/bin/trivy
# Switch to non-root user
USER coder
# Configure bash environment
ENV BASH_ENV /home/coder/.bash_env
RUN touch "${BASH_ENV}" && \
echo '. "${BASH_ENV}"' >> ~/.bashrc
# Set up global gitignore
RUN curl -sL ${GITIGNORE_URL} -o /home/coder/.gitignore && \
git config --global core.excludesfile /home/coder/.gitignore
# Install Node.js using NVM
# IMPORTANT: Persist `nvm` and its binaries in the correct environment
ENV NVM_DIR="/home/coder/.nvm"
RUN curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.40.3/install.sh | bash && \
. $NVM_DIR/nvm.sh && \
nvm install ${ARG_NODE_MAJOR} && \
nvm alias default ${ARG_NODE_MAJOR} && \
nvm use default && \
npm install -g yarn patch-package && \
# Update PATH to include nvm's Node.js binaries globally
echo 'export NVM_DIR="$HOME/.nvm"' >> /home/coder/.bashrc && \
echo '[ -s "$NVM_DIR/nvm.sh" ] && \. "$NVM_DIR/nvm.sh"' >> /home/coder/.bashrc && \
echo 'export PATH="$NVM_DIR/versions/node/$(ls $NVM_DIR/versions/node | tail -n 1)/bin:$PATH"' >> /home/coder/.bashrc
# Ensure the `nvm` and Node.js paths are available in non-interactive shells by adding it to ENV
ENV PATH="/home/coder/.nvm/versions/node/$(ls /home/coder/.nvm/versions/node | tail -n 1)/bin:$PATH"
# Install Firebase CLI
RUN curl -sL firebase.tools | bash
Reference in a new issue View git blame Copy permalink