FROM python:3.11.12-alpine

# Install zip and other necessary packages
RUN apk add --no-cache \
    zip \
    unzip \
    tar \
    gzip \
    bzip2 \
    xz \
    p7zip \
    sudo \
    shadow \
    openssh-client \
    rsync \
    curl \
    wget \
    bash \
    sshpass \
    git \
    su-exec \
    && which zip && zip --help

# Create app user with specific UID/GID
RUN addgroup -g 1000 appgroup && \
    adduser -u 1000 -G appgroup -s /bin/sh -D appuser

# set work directory
WORKDIR /app

# Change ownership of the work directory
RUN chown -R appuser:appgroup /app

# set env variables
ENV PYTHONDONTWRITEBYTECODE 1
ENV PYTHONUNBUFFERED 1

# install dependencies
COPY requirements.txt .
RUN pip install -r requirements.txt

# copy project
COPY . .

# Copy init script
COPY init.sh /usr/local/bin/init.sh
RUN chmod +x /usr/local/bin/init.sh

# Ensure proper permissions for SQLite database and directories
RUN chown -R appuser:appgroup /app
RUN chmod -R 755 /app

# Specifically set permissions for SQLite database and its directory
RUN if [ -f /app/db.sqlite3 ]; then \
        chown appuser:appgroup /app/db.sqlite3 && \
        chmod 664 /app/db.sqlite3; \
    fi

# Create and set permissions for media and static directories
RUN mkdir -p /app/media /app/static /app/logs /tmp/backups && \
    chown -R appuser:appgroup /app/media /app/static /app/logs /tmp/backups && \
    chmod -R 755 /app/media /app/static /app/logs /tmp/backups

# Use init script as entrypoint (runs as root, then switches to appuser)
ENTRYPOINT ["/usr/local/bin/init.sh"]