Gandalf/sofarr
1
0
Fork 0
Code Issues 1 Pull Requests Actions 1 Packages Projects Releases 15 Wiki Activity

fix(docker): replace better-sqlite3 with pure-JS JSON token store
All checks were successful
Build and Push Docker Image / build (push) Successful in 28s
Details
CI / Security audit (push) Successful in 38s
Details

Browse Source 
better-sqlite3 is a native C++ addon that requires compilation on Alpine
(musl libc, no pre-built binaries exist) and fails on Debian slim too
because prebuild-install cannot detect the libc type correctly.

Replace with a pure-JS JSON file token store (server/utils/tokenStore.js):
- Atomic writes via temp file + rename (no corruption on crash)
- Same API: storeToken/getToken/clearToken
- TTL enforcement on read and hourly prune
- Zero native code, zero build tools required

Dockerfile:
- Revert to node:22-alpine (was node:22-slim)
- Remove build tools (python3/make/g++) — no longer needed
- Restore wget HEALTHCHECK (available in Alpine busybox)

docker-compose.yaml: restore wget healthcheck

package.json: remove better-sqlite3 dependency
This commit is contained in:
Gronod
2026-05-17 07:13:56 +01:00
parent 49327cf9ae
commit 37c1b64982
5 changed files with 77 additions and 483 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
Dockerfile
View File

@@ -1,24 +1,18 @@
# ---------------------------------------------------------------------------
# Stage 1 — deps: install production dependencies only
# ---------------------------------------------------------------------------
# node:22-slim (Debian slim) is used instead of Alpine so that
# better-sqlite3 can use its pre-built glibc binaries rather than
# compiling from source (Alpine uses musl libc — no pre-builds exist).
# This keeps build times fast (~1 min vs ~5 min for source compilation).
FROM node:22-slim AS deps
FROM node:22-alpine AS deps
WORKDIR /app
# Copy manifests and install production deps only (no devDependencies).
# prebuild-install will download the pre-built better-sqlite3 binary for
# linux-x64-glibc, so no C++ toolchain is needed here.
# All dependencies are pure JavaScript — no native addons, no build tools.
COPY package.json package-lock.json ./
RUN npm ci --omit=dev
# ---------------------------------------------------------------------------
# Stage 2 — runtime image (minimal attack surface)
# ---------------------------------------------------------------------------
FROM node:22-slim AS runtime
FROM node:22-alpine AS runtime
LABEL org.opencontainers.image.title="sofarr"
LABEL org.opencontainers.image.description="Personal media download dashboard for *arr services"
@@ -52,9 +46,8 @@ USER node
EXPOSE 3001
# HEALTHCHECK — Docker will restart the container if this fails 3 times.
# Uses node's built-in http module (no wget/curl needed in slim image).
# HEALTHCHECK — Docker will restart the container if this fails 3 times
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
CMD node -e "require('http').get('http://localhost:3001/health',r=>{process.exit(r.statusCode===200?0:1)}).on('error',()=>process.exit(1))"
CMD wget -qO- http://localhost:3001/health || exit 1
CMD ["node", "server/index.js"]