feat: pack docker image

.github/workflows/docker-image.yml

@@ -0,0 +1,43 @@
+name: Build & Push Docker image
+
+on:
+  push:
+    branches:
+      - main
+
+# 写入/读取 package 权限，用于推送到 GHCR (ghcr.io)
+permissions:
+  contents: read
+  packages: write
+
+jobs:
+  build-and-push:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout source code
+        uses: actions/checkout@v4
+
+      - name: Set up QEMU (多架构构建支持)
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push
+        uses: docker/build-push-action@v5
+        with:
+          context: .
+          file: ./Dockerfile
+          push: true
+          platforms: linux/amd64,linux/arm64
+          tags: |
+            ghcr.io/${{ github.repository_owner }}/moontv:latest
+            ghcr.io/${{ github.repository_owner }}/moontv:${{ github.sha }} 

Dockerfile

@@ -0,0 +1,53 @@
+# ---- 第 1 阶段：安装依赖 ----
+FROM node:20-alpine AS deps
+
+# 启用 corepack 并激活 pnpm（Node20 默认提供 corepack）
+RUN corepack enable && corepack prepare pnpm@latest --activate
+
+WORKDIR /app
+
+# 仅复制依赖清单，提高构建缓存利用率
+COPY package.json pnpm-lock.yaml ./
+
+# 安装所有依赖（含 devDependencies，后续会裁剪）
+RUN pnpm install --frozen-lockfile
+
+# ---- 第 2 阶段：构建项目 ----
+FROM node:20-alpine AS builder
+RUN corepack enable && corepack prepare pnpm@latest --activate
+WORKDIR /app
+
+# 复制依赖
+COPY --from=deps /app/node_modules ./node_modules
+# 复制全部源代码
+COPY . .
+
+# 生成生产构建
+RUN pnpm run build
+
+# 移除 devDependencies，仅保留生产依赖，减小体积
+RUN pnpm prune --prod
+
+# ---- 第 3 阶段：生成运行时镜像 ----
+FROM node:20-alpine AS runner
+
+# 创建非 root 用户
+RUN addgroup -g 1001 -S nodejs && adduser -u 1001 -S nextjs -G nodejs
+
+WORKDIR /app
+ENV NODE_ENV=production
+ENV PORT=3000
+
+# 复制必要文件
+COPY --from=builder /app/public ./public
+COPY --from=builder /app/.next ./.next
+COPY --from=builder /app/node_modules ./node_modules
+COPY --from=builder /app/package.json ./package.json
+
+# 切换到非特权用户
+USER nextjs
+
+EXPOSE 3000
+
+# 使用 next binary 启动
+CMD ["node_modules/.bin/next", "start", "-H", "0.0.0.0", "-p", "3000"] 

package.json

@@ -1,5 +1,5 @@
 {
-  "name": "moon-tv",
+  "name": "moontv",
   "version": "0.1.0",
   "private": true,
   "scripts": {