serienbrief_django/app/Dockerfile

# =============================================================================
# Multi-Stage: builder → dev → runtime
# Dev-Image enthält zusätzlich debugpy, ipython, django-debug-toolbar.
# =============================================================================

# ---------- Stage 1: Build ----------------------------------------------------
FROM python:3.12-slim-bookworm AS builder

ENV PYTHONDONTWRITEBYTECODE=1 \
    PYTHONUNBUFFERED=1 \
    PIP_NO_CACHE_DIR=1 \
    PIP_DISABLE_PIP_VERSION_CHECK=1

RUN apt-get update && apt-get install -y --no-install-recommends \
        build-essential libpq-dev gcc \
    && rm -rf /var/lib/apt/lists/*

WORKDIR /build
COPY requirements.txt requirements-dev.txt ./
RUN pip wheel --wheel-dir=/wheels -r requirements.txt -r requirements-dev.txt


# ---------- Common Runtime Base ----------------------------------------------
FROM python:3.12-slim-bookworm AS runtime-base

ARG APP_UID=1000
ARG APP_GID=1000

ENV PYTHONDONTWRITEBYTECODE=1 \
    PYTHONUNBUFFERED=1 \
    PIP_NO_CACHE_DIR=1 \
    PYTHONPATH=/app

RUN apt-get update && apt-get install -y --no-install-recommends \
        libpq5 \
        libreoffice libreoffice-writer \
        fonts-liberation fonts-dejavu \
        tini curl \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/* /var/cache/apt/* /tmp/*

RUN groupadd -g ${APP_GID} app && \
    useradd -u ${APP_UID} -g ${APP_GID} -m -s /bin/bash app

WORKDIR /app
COPY --from=builder /wheels /wheels


# ---------- Stage 2a: Runtime (Production) ------------------------------------
FROM runtime-base AS runtime

COPY requirements.txt .
RUN pip install --no-index --find-links=/wheels -r requirements.txt && \
    rm -rf /wheels

COPY --chown=app:app . /app/
RUN mkdir -p /app/staticfiles /app/media && chown -R app:app /app
USER app
EXPOSE 8000
ENTRYPOINT ["/usr/bin/tini", "--", "/app/entrypoint.sh"]
CMD ["gunicorn", "config.wsgi:application", \
     "--bind", "0.0.0.0:8000", \
     "--workers", "3", "--threads", "2", \
     "--worker-class", "gthread", "--worker-tmp-dir", "/tmp", \
     "--access-logfile", "-", "--error-logfile", "-", \
     "--timeout", "120"]


# ---------- Stage 2b: Dev -----------------------------------------------------
FROM runtime-base AS dev

# Dev-Tools für Container & VS Code
RUN apt-get update && apt-get install -y --no-install-recommends \
        git bash-completion vim less procps iputils-ping \
    && apt-get clean && rm -rf /var/lib/apt/lists/*

COPY requirements.txt requirements-dev.txt ./
RUN pip install --no-index --find-links=/wheels -r requirements.txt -r requirements-dev.txt && \
    rm -rf /wheels

# Code wird im Dev via Volume gemountet; nichts kopieren.
RUN mkdir -p /app/staticfiles /app/media && chown -R app:app /app
USER app
EXPOSE 8000 5678
ENTRYPOINT ["/usr/bin/tini", "--", "/app/entrypoint.sh"]
CMD ["python", "manage.py", "runserver", "0.0.0.0:8000"]