From 62dea0e53cc721372e38329ef369d0123309020c Mon Sep 17 00:00:00 2001
From: Aaron Guise <aaron@guise.net.nz>
Date: Mon, 30 Jun 2025 22:08:49 +1200
Subject: [PATCH] feat: add Docker containerization with multi-stage build
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Create production-ready Dockerfile with multi-stage build
- Add CGO support for SQLite driver compilation
- Implement security best practices with non-root user
- Add health checks with proper API version headers
- Create .dockerignore for optimized build context
- Support both SQLite and MySQL in containerized environment
- Include volume mounting for data persistence

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 .dockerignore | 39 +++++++++++++++++++++++++++++++
 Dockerfile    | 64 +++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 103 insertions(+)
 create mode 100644 .dockerignore
 create mode 100644 Dockerfile

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..9bb743f
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,39 @@
+# Git
+.git
+.gitignore
+
+# Documentation
+README.md
+*.md
+
+# Docker
+Dockerfile
+.dockerignore
+
+# Build artifacts
+server
+*.exe
+
+# Development files
+.vscode/
+.idea/
+
+# Local config and data
+config.json
+*.db
+data/
+
+# Test files
+*_test.go
+test*
+
+# Temporary files
+*.tmp
+*.log
+
+# OS files
+.DS_Store
+Thumbs.db
+
+# Dependencies (will be downloaded)
+vendor/
\ No newline at end of file
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..269f768
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,64 @@
+# Build stage
+FROM golang:1.24-alpine AS builder
+
+# Install build dependencies for CGO (needed for SQLite)
+RUN apk add --no-cache git gcc musl-dev
+
+# Set working directory
+WORKDIR /app
+
+# Copy go mod files
+COPY go.mod go.sum ./
+
+# Download dependencies
+RUN go mod download
+
+# Copy source code
+COPY . .
+
+# Build the application
+RUN CGO_ENABLED=1 GOOS=linux go build -a -installsuffix cgo -o server ./core/
+
+# Final stage
+FROM alpine:latest
+
+# Install ca-certificates for HTTPS and sqlite for database
+RUN apk --no-cache add ca-certificates sqlite
+
+# Create app user for security
+RUN adduser -D -s /bin/sh appuser
+
+# Set working directory
+WORKDIR /app
+
+# Copy binary from builder stage
+COPY --from=builder /app/server .
+
+# Create data directory for SQLite
+RUN mkdir -p /app/data && chown appuser:appuser /app/data
+
+# Copy config sample (optional)
+COPY config.json.sample .
+
+# Change ownership to app user
+RUN chown -R appuser:appuser /app
+
+# Switch to non-root user
+USER appuser
+
+# Expose port (default 8080, can be overridden with OA_PORT)
+EXPOSE 8080
+
+# Health check - requires Accept-Version header
+HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
+  CMD wget --no-verbose --tries=1 --spider --header="Accept-Version: v1" http://localhost:8080/ || exit 1
+
+# Set default environment variables
+ENV OA_DATABASE_DRIVER=sqlite \
+    OA_DATABASE_FILE=/app/data/openaccounting.db \
+    OA_ADDRESS=0.0.0.0 \
+    OA_PORT=8080 \
+    OA_API_PREFIX=/api/v1
+
+# Run the application
+CMD ["./server"]
\ No newline at end of file