Update docker build to be smaller & faster (#2693)

## Description:

1. eliminate redundant curls/downloads
2. better stage organization
3. only copy required dirs & files, (removed the COPY . .) 

## Please complete the following:

- [x] I have added screenshots for all UI updates
- [x] I process any text displayed to the user through translateText()
and I've added it to the en.json file
- [x] I have added relevant tests to the test directory
- [x] I confirm I have thoroughly tested these changes and take full
responsibility for any bugs introduced

## Please put your Discord username so you can be contacted if a bug or
regression is found:

evan

.dockerignore

@@ -9,7 +9,8 @@ LICENSE
 .vscode
 Makefile
 helm-charts
-.env
+.env*
 .editorconfig
 .idea
 coverage*
+tests/

Dockerfile

@@ -1,98 +1,94 @@
 # Use an official Node runtime as the base image
 FROM node:24-slim AS base
-# Set the working directory in the container
 WORKDIR /usr/src/app
 
-# Create dependency layer
-FROM base AS dependencies
+# Build stage - install ALL dependencies and build
+FROM base AS build
+ENV HUSKY=0
+# Copy package files first for better caching
+COPY package*.json ./
+RUN npm ci
+
+# Copy only what's needed for build
+COPY tsconfig.json ./
+COPY tsconfig.jest.json ./
+COPY webpack.config.js ./
+COPY tailwind.config.js ./
+COPY postcss.config.js ./
+COPY eslint.config.js ./
+COPY resources ./resources
+COPY proprietary ./proprietary
+COPY src ./src
+
+ARG GIT_COMMIT=unknown
+ENV GIT_COMMIT="$GIT_COMMIT"
+RUN npm run build-prod
+
+# Production dependencies stage - separate from build
+FROM base AS prod-deps
+ENV HUSKY=0
+ENV NPM_CONFIG_IGNORE_SCRIPTS=1
+COPY package*.json ./
+RUN npm ci --omit=dev
+
+# Final production image
+FROM base
+
+# Install system dependencies
 RUN apt-get update && apt-get install -y \
     nginx \
-    git \
     curl \
     jq \
     wget \
+    supervisor \
     apache2-utils \
     && rm -rf /var/lib/apt/lists/*
 
-# Update worker_connections in the existing nginx.conf
-RUN sed -i 's/worker_connections [0-9]*/worker_connections 8192/' /etc/nginx/nginx.conf
-
-FROM dependencies AS build
-ARG GIT_COMMIT=unknown
-ENV GIT_COMMIT="$GIT_COMMIT"
-# Disable Husky hooks
-ENV HUSKY=0
-# Copy package.json and package-lock.json
-COPY package*.json ./
-# Install dependencies
-RUN npm ci
-# Copy the rest of the application code
-COPY . .
-# Build the client-side application
-RUN npm run build-prod
-# So we can see which commit was used to build the container
-# https://openfront.io/commit.txt
-RUN echo "$GIT_COMMIT" > static/commit.txt
-
-# Remove maps data from final image
-FROM base AS prod-files
-COPY . .
-RUN rm -rf resources/maps
-
-FROM dependencies AS npm-dependencies
-# Disable Husky hooks
-ENV HUSKY=0
-ENV NPM_CONFIG_IGNORE_SCRIPTS=1
-# Copy package.json and package-lock.json
-COPY package*.json ./
-# Install dependencies
-RUN npm ci --omit=dev
-
-# Final image
-FROM base
-ARG GIT_COMMIT=unknown
-ENV GIT_COMMIT="$GIT_COMMIT"
-RUN apt-get update && apt-get install -y \
-    nginx \
-    supervisor \
-    curl \
-    && rm -rf /var/lib/apt/lists/*
-
-# Copy installed packages from dependencies stage
 RUN curl -L https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb > cloudflared.deb \
     && dpkg -i cloudflared.deb \
     && rm cloudflared.deb
 
-# Copy Nginx configuration and ensure it's used instead of the default
-COPY nginx.conf /etc/nginx/conf.d/default.conf
-RUN rm -f /etc/nginx/sites-enabled/default
-COPY --from=dependencies /etc/nginx/nginx.conf /etc/nginx/nginx.conf
+# Update worker_connections in nginx.conf
+RUN sed -i 's/worker_connections [0-9]*/worker_connections 8192/' /etc/nginx/nginx.conf
 
-# Copy npm dependencies
-COPY --from=npm-dependencies /usr/src/app/node_modules node_modules
-COPY package.json .
-
-# Copy the rest of the application code
-COPY --from=prod-files /usr/src/app/ /usr/src/app/
-
-# Copy frontend
-COPY --from=build /usr/src/app/static static
+# Create cloudflared directory with proper permissions
+RUN mkdir -p /etc/cloudflared && \
+    chown -R node:node /etc/cloudflared && \
+    chmod -R 755 /etc/cloudflared
 
 # Setup supervisor configuration
 RUN mkdir -p /var/log/supervisor
 COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
 
+# Copy Nginx configuration
+COPY nginx.conf /etc/nginx/conf.d/default.conf
+RUN rm -f /etc/nginx/sites-enabled/default
+
 # Copy and make executable the startup script
 COPY startup.sh /usr/local/bin/
 RUN chmod +x /usr/local/bin/startup.sh
 
-RUN mkdir -p /etc/cloudflared && \
-    chown -R node:node /etc/cloudflared && \
-    chmod -R 755 /etc/cloudflared
+# Copy production node_modules from prod-deps stage (cached separately from build)
+COPY --from=prod-deps /usr/src/app/node_modules ./node_modules
+COPY package*.json ./
 
-# Set Cloudflared config directory to a volume mount location
+# Copy built artifacts from build stage
+COPY --from=build /usr/src/app/static ./static
+
+COPY resources ./resources
+
+# Remove maps because they are not used by the server.
+RUN rm -rf ./resources/maps
+COPY tsconfig.json ./
+COPY src ./src
+
+
+ARG GIT_COMMIT=unknown
+RUN echo "$GIT_COMMIT" > static/commit.txt
+
+ENV GIT_COMMIT="$GIT_COMMIT"
 ENV CF_CONFIG_PATH=/etc/cloudflared/config.yml
 ENV CF_CREDS_PATH=/etc/cloudflared/creds.json
 
 # Use the startup script as the entrypoint
-ENTRYPOINT ["/usr/local/bin/startup.sh"]
+ENTRYPOINT ["/usr/local/bin/startup.sh"]