Fix OOM build (exit 137) by disabling sourcemap generation

Postiz upstream enables both Next.js productionBrowserSourceMaps and
Sentry's webpack sourcemap plugin. Together they push peak build memory
past HF Space builder limits (16 GB cap), causing OOMKilled at exit 137.

Patch apps/frontend/next.config.js during build:
- productionBrowserSourceMaps: true → false
- Sentry sourcemaps.disable: false → true

Also lower per-app heap from 4 GB to 3 GB and build the four Postiz apps
sequentially (backend → workers → cron → frontend) instead of in parallel
— concurrent Next.js + Nest builds each spawn worker pools and stack peak
RSS.

README updated for /app routing (Postiz UI mounted at /app/*, dashboard
owns /, OAuth callback URLs need the /app prefix).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

Dockerfile

@@ -37,18 +37,40 @@ RUN npm install -g pnpm@10.6.1
 # Pinned to v2.11.3 — last release before Temporal became a hard requirement.
 RUN git clone --depth=1 --branch v2.11.3 https://github.com/gitroomhq/postiz-app.git .
 
-# Patch Next.js config to mount the frontend at /app.
-# We inject basePath + assetPrefix immediately after `const nextConfig = {`.
-# This makes Next.js generate links/asset URLs prefixed with /app, so the
-# browser will hit /app/_next/* etc., which our health-server then strips
-# back to /_next/* before passing to nginx.
+# Patch Next.js config to fix two things:
+#   1. basePath/assetPrefix=/app  → mount Postiz UI at /app (HuggingPost
+#      dashboard owns /).
+#   2. Disable sourcemap generation — Postiz upstream sets both
+#      `productionBrowserSourceMaps: true` AND Sentry's webpack plugin
+#      `sourcemaps: { disable: false }`. Together they push peak build
+#      memory past HF Space builder limits (exit 137 OOMKilled).
+#      We flip both to false; visible cost is no client-side stack-trace
+#      symbolization, which we don't need on a self-host.
 RUN sed -i "s|const nextConfig = {|const nextConfig = {\n  basePath: '/app',\n  assetPrefix: '/app',|" apps/frontend/next.config.js \
+    && sed -i "s|productionBrowserSourceMaps: true|productionBrowserSourceMaps: false|" apps/frontend/next.config.js \
+    && sed -i "s|disable: false,|disable: true,|" apps/frontend/next.config.js \
     && grep -q "basePath: '/app'" apps/frontend/next.config.js \
-    || (echo "BASEPATH PATCH FAILED — next.config.js shape changed upstream"; exit 1)
-
-# Install + build. 4 GB heap for the Next.js compile.
+    && grep -q "productionBrowserSourceMaps: false" apps/frontend/next.config.js \
+    || (echo "PATCH FAILED — next.config.js shape changed upstream"; exit 1)
+
+# Sentry env stubs — even with the wrapper bypassed, transitive imports may
+# probe these. Empty values keep them from doing network calls.
+ENV SENTRY_DSN="" \
+    SENTRY_AUTH_TOKEN="" \
+    SENTRY_ORG="" \
+    SENTRY_PROJECT="" \
+    NEXT_PUBLIC_SENTRY_DSN="" \
+    NEXT_TELEMETRY_DISABLED=1
+
+# Install all deps (sharp is optional but Next.js image optimization needs it).
 RUN pnpm install --frozen-lockfile=false
-RUN NODE_OPTIONS="--max-old-space-size=4096" pnpm run build
+
+# Build apps one at a time with a 3 GB heap. Sequential matters: parallel
+# Next.js + Nest builds each spawn workers and stack peak RSS.
+RUN NODE_OPTIONS="--max-old-space-size=3072" pnpm run build:backend
+RUN NODE_OPTIONS="--max-old-space-size=3072" pnpm run build:workers
+RUN NODE_OPTIONS="--max-old-space-size=3072" pnpm run build:cron
+RUN NODE_OPTIONS="--max-old-space-size=3072" pnpm run build:frontend
 
 # Drop dev junk to shrink the runtime image.
 RUN find . -name ".git" -type d -prune -exec rm -rf {} + 2>/dev/null || true \

README.md

@@ -172,9 +172,11 @@ HuggingPost will create or update a Worker named `<your-space-host>-proxy` and r
 Each social platform requires you to register your Postiz instance as an OAuth app. The callback URL pattern is:
 
 ```
-https://<your-space-host>/api/integrations/social/<platform>/callback
+https://<your-space-host>/app/api/integrations/social/<platform>/callback
 ```
 
+(Note the `/app` prefix — Postiz UI is mounted there so its API is too.)
+
 For each platform you want (X, LinkedIn, Facebook, etc.), follow the [Postiz provider docs](https://docs.postiz.com/providers) to obtain client ID + secret, then enter them inside Postiz **Settings → Channels** (NOT as Space secrets — Postiz stores them encrypted in its DB).
 
 > [!TIP]
@@ -201,21 +203,22 @@ HuggingPost/
 
 | Path | Target | Notes |
 | :--- | :--- | :--- |
-| `/` | dashboard (local) | HTML status page |
-| `/health`, `/status`, `/uptimerobot/setup` | local | JSON / handlers |
-| `/api/*` | backend `:3000` | `/api` prefix stripped |
-| `/uploads/*` | backend `:3000` | media files |
-| `/*` | frontend `:4200` | Next.js pages, `/_next/*`, etc. |
+| `/` | HuggingPost dashboard (local) | Status + UptimeRobot setup |
+| `/health`, `/status`, `/uptimerobot/setup` | local | JSON handlers |
+| `/app` or `/app/*` | Postiz nginx `:5000` | `/app` stripped — Next.js built with `basePath="/app"` |
+| `/_next/*`, `/static/*` | 301 → `/app/<path>` | Catches absolute-URL leaks |
+| anything else | 404 | — |
 
 **Internal processes:**
 
-| Process | Port | Memory cap |
+| Process | Port | Notes |
 | :--- | :--- | :--- |
-| `health-server.js` | 7860 (public) | — |
-| Postiz frontend (Next.js) | 4200 | 2 GB |
-| Postiz backend (NestJS) | 3000 | 2 GB |
-| Postiz workers | — | 1 GB |
-| Postiz cron | — | 512 MB |
+| `health-server.js` | 7860 (public) | Dashboard + reverse proxy |
+| nginx | 5000 (internal) | Routes `/api`→3000, `/uploads`→fs, `/`→4200 |
+| Postiz backend (NestJS) | 3000 | Started by PM2 |
+| Postiz frontend (Next.js) | 4200 | Started by PM2, `basePath=/app` baked at build |
+| Postiz workers | — | BullMQ consumer |
+| Postiz cron | — | Schedule tick |
 | `postgres` | 5432 | — |
 | `redis-server` | 6379 | — |
 | `postiz-sync.py` (loop) | — | — |
@@ -239,8 +242,8 @@ The Space slept. Set up UptimeRobot from the dashboard.
 **OAuth callback fails for X/Facebook/LinkedIn**
 Some platforms reject `*.hf.space` subdomains as redirect URIs. You may need to put a custom domain in front (Cloudflare → HF Space CNAME).
 
-**Out of memory during build**
-The Next.js build needs `--max-old-space-size=4096`. If you forked and changed the Dockerfile, make sure the `NODE_OPTIONS` flag is still on the `pnpm run build` line.
+**Out of memory during build (exit 137 / OOMKilled)**
+The Dockerfile patches `apps/frontend/next.config.js` to disable sourcemap generation (`productionBrowserSourceMaps: false` + Sentry `sourcemaps.disable: true`). Without these, peak build memory exceeds HF Space builder limits. If you forked and removed those sed patches, OOM returns. Builds also run apps sequentially (backend → workers → cron → frontend) at 3 GB heap each — parallel builds OOM.
 
 **`prisma-db-push` fails on first boot**
 Usually means Postgres didn't finish starting. Container will exit and HF will auto-restart — second boot usually succeeds. If it persists, check Logs for the actual Prisma error.