bug: self host nextjs docker

[productdevbook]

Preflight checklist

• [x] I could not find a solution in the existing issues, docs, nor discussions.
• [x] I agree to follow this project's Code of Conduct.
• [x] I have read and am following this repository's Contribution Guidelines.
• [ ] I have joined the Ory Community Slack.
• [ ] I am signed up to the Ory Security Patch Newsletter.

Ory Network Project

https://github.com/ory/elements/tree/main/examples/nextjs-app-router

Describe the bug

Is it possible to add settings that work with docker, it would be great if you could add this with a dockerfile and compose.

 ⨯ Error [FetchError]: Unable to call the API endpoint. Ensure that CORS is set up correctly and that you have provided a valid SDK URL to Ory Elements.
    at <unknown> (.next/server/chunks/374.js:1:570008)
    at Generator.next (<anonymous>)
    at <unknown> (.next/server/chunks/374.js:1:568927)
    at new Promise (<anonymous>)
    at W (.next/server/chunks/374.js:1:568676)
    at <unknown> (.next/server/chunks/374.js:1:568950)
    at ea (.next/server/chunks/374.js:1:727268)
    at async a (.next/server/app/auth/login/page.js:1:3102) {
  digest: '4138030352',
  [cause]: Error [FetchError]: The request failed and the interceptors did not return an alternative response
      at I.<anonymous> (.next/server/chunks/374.js:1:525625)
      at Generator.throw (<anonymous>)
      at s (.next/server/chunks/374.js:1:523630) {
    [cause]: [TypeError: fetch failed] {
      [cause]: [AggregateError: ] { code: 'ECONNREFUSED' }
    }
  }
}

Reproducing the bug

services:
  app:
    build:
      context: .
      dockerfile: Dockerfile
    ports:
      - "3010:3000"
    environment:
      - NODE_ENV=production
      - PORT=3000
      - HOSTNAME=0.0.0.0
      - ORY_SDK_URL=http://kratos:4433
      - NEXT_PUBLIC_ORY_SDK_URL=http://localhost:4433
      - ORY_KRATOS_PUBLIC_URL=http://kratos:4433
      - ORY_KRATOS_ADMIN_URL=http://kratos:4434
    restart: unless-stopped
    networks:
      - intranet
    depends_on:
      kratos:
        condition: service_healthy

  kratos-migrate:
    image: oryd/kratos:v1.3.1
    environment:
      - DSN=postgres://postgres:[email protected]:5432/kratos?sslmode=disable
    volumes:
      - type: bind
        source: ./kratos
        target: /etc/config/kratos
    command: -c /etc/config/kratos/kratos.yml migrate sql -e --yes
    restart: on-failure
    networks:
      - intranet

  kratos:
    depends_on:
      - kratos-migrate
    image: oryd/kratos:v1.3.1
    ports:
      - '4433:4433' # public
      - '4434:4434' # admin
    restart: unless-stopped
    environment:
      - DSN=postgres://postgres:[email protected]:5432/kratos?sslmode=disable
      - LOG_LEVEL=trace
    command: serve -c /etc/config/kratos/kratos.yml --dev --watch-courier
    volumes:
      - type: bind
        source: ./kratos
        target: /etc/config/kratos
    networks:
      - intranet
    healthcheck:
      test: ["CMD", "wget", "--no-verbose", "--tries=1", "--spider", "http://localhost:4433/health/ready"]
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: 30s
  mailcrab:
    image: marlonb/mailcrab:latest
    ports:
      - '1025:1025'
      - '1080:1080'
    networks:
      - intranet
  kratos-admin-proxy:
    image: nginx:alpine
    ports:
      - "8444:80"
    volumes:
      - ./kratos/nginx-admin.conf:/etc/nginx/conf.d/default.conf:ro
    environment:
      - ORY_ADMIN_API_TOKEN=super-secret-admin-token
    depends_on:
      - kratos
    networks:
      - intranet
networks:
  intranet:

DockerFile

# Base image
FROM node:22-alpine AS base

# Install dependencies only when needed
FROM base AS deps
# Check https://github.com/nodejs/docker-node/tree/b4117f9333da4138b03a546ec926ef50a31506c3#nodealpine to understand why libc6-compat might be needed.
RUN apk add --no-cache libc6-compat
WORKDIR /app

# Install dependencies based on the preferred package manager
COPY package.json pnpm-lock.yaml* ./
RUN \
  if [ -f pnpm-lock.yaml ]; then corepack enable pnpm && pnpm install --frozen-lockfile; \
  else echo "Lockfile not found." && exit 1; \
  fi

# Rebuild the source code only when needed
FROM base AS builder
WORKDIR /app
COPY --from=deps /app/node_modules ./node_modules
COPY . .

ENV NEXT_TELEMETRY_DISABLED 1

RUN \
  if [ -f pnpm-lock.yaml ]; then corepack enable pnpm && pnpm build; \
  else echo "Lockfile not found." && exit 1; \
  fi

# Production image, copy all the files and run next
FROM base AS runner
WORKDIR /app

ENV NODE_ENV production
# Uncomment the following line in case you want to disable telemetry during runtime.
# ENV NEXT_TELEMETRY_DISABLED 1

RUN addgroup --system --gid 1001 nodejs
RUN adduser --system --uid 1001 nextjs

# Copy public directory for static assets
COPY --from=builder /app/public ./public

# Set the correct permission for prerender cache
RUN mkdir .next
RUN chown nextjs:nodejs .next

# Automatically leverage output traces to reduce image size
# https://nextjs.org/docs/advanced-features/output-file-tracing
COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static

USER nextjs

EXPOSE 3000

ENV PORT 3000
ENV HOSTNAME "0.0.0.0"

# server.js is created by next build from the standalone output
# https://nextjs.org/docs/pages/api-reference/next-config-js/output
CMD ["node", "server.js"]

Relevant log output

Relevant configuration

Version

1.3.1

On which operating system are you observing this issue?

macOS

In which environment are you deploying?

Docker Compose

Additional Context

No response