feat: use production level docker settings (#26)

Co-authored-by: Nishant Arora <1895906+whizzzkid@users.noreply.github.com>

.dockerignore

@@ -129,3 +129,20 @@ build
 .yarn/build-state.yml
 .yarn/install-state.gz
 .pnp.*
+
+# other dotfiles
+.git
+.gitignore
+.dockerignore
+.github
+.tool-versions
+.envrc
+
+# playwright stuff
+e2e-tests
+playwright.config.ts
+playwright-report
+screenshots
+
+# Other misc files that don't make sense in the docker container
+README.md

.github/workflows/playwright.yml

@@ -20,7 +20,7 @@ jobs:
     - name: Install Playwright Browsers
       run: npx playwright install --with-deps
     - name: Run Playwright tests
-      run: npm run test:e2e
+      run: npm run test:http-e2e
     - uses: actions/upload-artifact@v3
       if: always()
       with:

.gitignore

@@ -133,3 +133,4 @@ build
 /playwright-report/
 /playwright/.cache/
 screenshots
+.envrc

Dockerfile

@@ -1,14 +1,40 @@
-FROM node:20-slim
+FROM node:20-slim as builder
 
 RUN apt-get update
-RUN apt-get install -y build-essential cmake git libssl-dev
+RUN apt-get install -y build-essential cmake git libssl-dev tini
 
 WORKDIR /app
 
-COPY . .
+COPY package*.json ./
+
 RUN npm ci --quiet
+
+COPY . .
+
 RUN npm run build
 
+RUN npm prune --omit=dev
+
+FROM node:20-slim as app
+ENV NODE_ENV production
+WORKDIR /app
+# built src without dev dependencies
+COPY --from=builder /app ./
+# tini is used to handle signals properly, see https://github.com/krallin/tini#using-tini
+COPY --from=builder /usr/bin/tini /usr/bin/tini
+
+# copy shared libraries (without having artifacts from apt-get install that is needed to build our application)
+COPY --from=builder /usr/lib/**/libcrypto* /usr/lib/
+COPY --from=builder /usr/lib/**/libssl* /usr/lib/
+
 HEALTHCHECK --interval=12s --timeout=12s --start-period=10s CMD npm run healthcheck
 
-CMD [ "npm", "start" ]
+# Use tini to handle signals properly, see https://github.com/nodejs/docker-node/blob/main/docs/BestPractices.md#handling-kernel-signals
+ENTRYPOINT ["/usr/bin/tini", "-p", "SIGKILL", "--"]
+
+CMD [ "node", "dist/src/index.js" ]
+
+# for best practices, see:
+# * https://snyk.io/blog/10-best-practices-to-containerize-nodejs-web-applications-with-docker/
+# * https://github.com/nodejs/docker-node/blob/main/docs/BestPractices.md
+# * https://nodejs.org/en/docs/guides/nodejs-docker-webapp

README.md

@@ -28,7 +28,7 @@ $ docker build . --tag helia --platform linux/arm64
 ### Running
 
 ```sh
-$ docker run -it -p 8080:8080 -e DEBUG="helia-server" helia
+$ docker run -it -p 8080:8080 -e DEBUG="helia-http-gateway" helia
 ```
 
 ## Supported Environment Variables
@@ -38,6 +38,54 @@ $ docker run -it -p 8080:8080 -e DEBUG="helia-server" helia
 | `DEBUG` | Debug level | `''`|
 | `PORT` | Port to listen on | `8080` |
 | `HOST` | Host to listen on | `0.0.0.0` |
+| `USE_BITSWAP` | Use bitswap to fetch content from IPFS | `true` |
+| `USE_TRUSTLESS_GATEWAYS` | Whether to fetch content from trustless-gateways or not | `true` |
+| `TRUSTLESS_GATEWAYS` | Comma separated list of trusted gateways to fetch content from | [Defined in Helia](https://github.com/ipfs/helia/blob/main/packages/helia/src/block-brokers/trustless-gateway/index.ts) |
+| `USE_LIBP2P` | Whether to use libp2p networking | `true` |
+
+<!--
+TODO: currently broken when used in docker, but they work when running locally (you can cache datastore and blockstore locally to speed things up if you want)
+| `FILE_DATASTORE_PATH` | Path to use with a datastore-level passed to Helia as the datastore | `null`; memory datastore is used by default. |
+| `FILE_BLOCKSTORE_PATH` | Path to use with a blockstore-level passed to Helia as the blockstore | `null`; memory blockstore is used by default. |
+-->
+
+See the source of truth for all `process.env.<name>` environment variables at [src/constants.ts](src/constants.ts).
+
+### Running with custom configurations
+
+Note that any of the following calls to docker can be replaced with something like `MY_ENV_VAR="MY_VALUE" npm run start`
+
+#### Disable libp2p
+```sh
+$ docker run -it -p $PORT:8080 -e DEBUG="helia-http-gateway*" -e USE_LIBP2P="false" helia
+```
+
+#### Disable bitswap
+```sh
+$ docker run -it -p $PORT:8080 -e DEBUG="helia-http-gateway*" -e USE_BITSWAP="false" helia
+```
+
+#### Disable trustless gateways
+```sh
+$ docker run -it -p $PORT:8080 -e DEBUG="helia-http-gateway*" -e USE_TRUSTLESS_GATEWAYS="false" helia
+```
+
+#### Customize trustless gateways
+```sh
+$ docker run -it -p $PORT:8080 -e DEBUG="helia-http-gateway*" -e TRUSTLESS_GATEWAYS="https://ipfs.io,https://dweb.link" helia
+```
+
+<!--
+#### With file datastore and blockstore
+
+**NOTE:** Not currently supported due to docker volume? issues.
+
+```sh
+$ docker run -it -p $PORT:8080 -e DEBUG="helia-http-gateway*" -e FILE_DATASTORE_PATH="./datastore" -e FILE_BLOCKSTORE_PATH="./blockstore" helia
+# and if you want to re-use a volume from your host:
+$ docker run -it -p $PORT:8080 -e DEBUG="helia-http-gateway*" -e FILE_DATASTORE_PATH="./datastore" -e FILE_BLOCKSTORE_PATH="./blockstore" -v ./datastore:/datastore -v ./blockstore:/blockstore helia
+```
+-->
 
 ## E2E Testing
 

docker-compose.yml

@@ -1,10 +1,10 @@
 version: "3.8"
 
 services:
-  server:
+  helia-http-gateway:
     build: .
     restart: always
     ports:
-      - "8080:8080"
+      - "${PORT:-8080}:8080"
     environment:
-      - DEBUG="helia-server*"
+      - DEBUG="${DEBUG:-helia-http-gateway*}"