FROM python:3.12.2-bookworm

LABEL maintainer="Jamie Gardner"

WORKDIR /var/www/html

ENV DEBIAN_FRONTEND=noninteractive
ENV TZ=UTC

ENV PYTHONDONTWRITEBYTECODE=1
ENV PYTHONUNBUFFERED=1

RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

RUN echo "Acquire::http::Pipeline-Depth 0;" > /etc/apt/apt.conf.d/99custom && \
    echo "Acquire::http::No-Cache true;" >> /etc/apt/apt.conf.d/99custom && \
    echo "Acquire::BrokenProxy    true;" >> /etc/apt/apt.conf.d/99custom

RUN apt-get update && apt-get upgrade -y \
    && mkdir -p /etc/apt/keyrings \
    && apt-get install -y gnupg gosu curl ca-certificates zip unzip git supervisor sqlite3 libcap2-bin libpng-dev dnsutils librsvg2-bin fswatch ffmpeg nano \
       build-essential libssl-dev libffi-dev libopenblas-dev

ARG NODE_VERSION=20

RUN mkdir -m 0755 -p /etc/apt/keyrings/ \
    && curl -s https://deb.nodesource.com/gpgkey/nodesource.gpg.key | gpg --dearmor | tee /etc/apt/keyrings/nodesource.gpg >/dev/null \
    && echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_VERSION.x jammy main" > /etc/apt/sources.list.d/nodesource.list \
    && echo "deb-src [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_VERSION.x jammy main" >> /etc/apt/sources.list.d/nodesource.list \
#    && echo "deb [signed-by=/etc/apt/nodesource.gpg] https://deb.nodesource.com/node_$NODE_VERSION.x nodistro main" > /etc/apt/sources.list.d/nodesource.list \
    && chmod a+r /etc/apt/keyrings/nodesource.gpg \
    && apt-get update \
    && apt-get install -y nodejs \
    && npm install -g npm \
    && apt-get -y autoremove \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

ARG WWWGROUP

RUN groupadd --force -g $WWWGROUP trustapp
RUN useradd -ms /bin/bash --no-user-group -g $WWWGROUP -u 1337 trustapp

ENV FLASK_APP="main.py"
ENV FLASK_ENV="production"
ENV FLASK_DEBUG=0

ENV SUPERVISOR_FLASK_COMMAND="gunicorn -w 5 'main:create_app()' -b 0.0.0.0:8000"
ENV SUPERVISOR_FLASK_USER="trustapp"

COPY docker/flask/start-container /usr/local/bin/start-container
COPY docker/flask/supervisord.conf /etc/supervisor/conf.d/supervisord.conf
RUN chmod +x /usr/local/bin/start-container

COPY . .

ENV PIP_ROOT_USER_ACTION=ignore

RUN pip install --upgrade pip \
    && pip install gunicorn \
    && pip install -r requirements.txt

RUN test -f .env || cp .env.example .env

RUN cd /var/www/html/vite \
    && npm ci \
    && npm run build

ENTRYPOINT ["start-container"]
