🔐 Reduce Docker size by half + improve security

[timoa]

Details

This PR optimized the Dockerfiles (frontend + backend), significantly reducing the image size and improving security by running as a non-root user (node).

Image	Current size	New size	Improvement
perplexica-frontend	2.37GB	807MB	-66%
perplexica-backend	1.84GB	701MB	-62%

Here are the fundamental changes and explanations:

1. Multi-stage build: I used a two-stage build process. The first stage (builder) installs dependencies and builds the application. The second stage only copies the necessary files for running the application.

2. Removed ARG and ENV variables on the backend image: Since Docker Compose or Kubernetes will provide the environment variables, I removed them from the Dockerfile. You can set these variables in your Docker Compose file or Kubernetes deployment configuration.

3. Optimized copying and building: I first copy only the package.json and yarn.lock files, then install dependencies. This allows better caching of the dependency installation step.

4. Minimal production image: The final stage only copies the built assets, node_modules, and necessary files from the builder stage, resulting in a much smaller Docker image.

5. Use a more standard folder for the app: I replaced the /home/perplexica with /app and updated the docker-compose.yaml file to this new path.

6. Use a non-root user (node): Instead of using the root user by default, I changed the container user to node (the default user for official Node Docker images). I had to set this user's permissions on the Dockerfiles and the docker-compose.yaml to avoid permission issues on the SQLite DB file.

Container files & permissions

Backend Docker

Frontend Docker

[rrfaria]

Is there any reason to not use 22 as was did on frontend?

[timoa]

The backend currently uses Node 18, and I thought it might not be compatible with higher Node versions.
The frontend doesn't have a version set and uses, by default, the latest Node version. I set the latest LTS (20), but happy to change it to the latest if the Node version is not an issue.

[rrfaria]

I believe you may use at least node 20 stable LTS version on backend. All dependencies on project seem to be compatible with newest version. But the way you did it works fine. try to make a small test and see if it works

[timoa]

I tried to build the backend with the Node 20 LTS, but it worked as expected.

I get the error below in the browser console. I don't know if it's related to using Node 20 or the latest version of the code.
I will investigate more before updating the PR.

http://localhost:3000/undefined/models 404 (Not Found)

[ngdbao]

Thanks. These improves are necessary for a production-driven project.

[timoa]

Thanks @ngdbao! I already made the Helm Chart for Perplexica, but I needed to have lighter and secure images before launching it my Kubernetes clusters 😅
I will continue to investigate the issue with the build and update this PR.

[ItzCrazyKns]

Converted it to a draft instead, you can mark this as open once it is completed.