chore(docker): configure docker build and deployment

[francescopausellii]

No description provided.

[gemini-code-assist]

Code Review

This pull request introduces Docker support for the Next.js application using a multi-stage build and a distroless runtime image. Feedback focuses on ensuring the Dockerfile aligns with the project's Next.js configuration for standalone output, addressing a security risk associated with unverified remote script execution during the build process, and improving image portability by removing hardcoded runtime environment variables.

[gemini-code-assist]

This COPY command will fail because the .next/standalone directory is only generated when output: 'standalone' is set in next.config.ts. The current project configuration does not include this setting. To fix this, you need to update your next.config.ts to enable standalone output.

[gemini-code-assist]

Piping curl to sh from a URL is a security risk as it executes remote code without verification. For improved security and reproducibility, it's better to download a specific, versioned release of node-prune from its official GitHub repository.

RUN npm run build && \
    (curl -sfL https://github.com/tj/node-prune/releases/download/v1.7.0/node-prune_1.7.0_linux_amd64.tar.gz | tar -xz -C /usr/local/bin) && \
    node-prune .next/standalone/node_modules

[gemini-code-assist]

Hardcoding runtime configuration like PORT and HOSTNAME in the Docker image reduces its portability. It's better to configure these via environment variables at runtime (which you are already doing in docker-compose.yml). I suggest removing them from the Dockerfile and only keeping NODE_ENV=production.

ENV NODE_ENV=production