# Use Alpine Linux as base
FROM git.esculta.es/aesculta/alpine-base

# Install system dependencies
RUN apk update && apk add --no-cache \
    python3 \
    python3-dev \
    postgresql-dev \
    gcc \
    musl-dev \
    libffi-dev \
    jpeg-dev \
    zlib-dev \
    git \
    bash \
    su-exec \
    xmlsec-dev \
    xmlsec \
    py3-xmlsec \
    openldap-dev\
    py3-ldap

# Create and activate Python virtual environment
RUN python3 -m venv /venv
ENV PATH="/venv/bin:$PATH"

# Clone Tandoor Recipes repository (checking out stable version)
RUN git clone --depth 1 --branch 1.5.33 https://github.com/TandoorRecipes/recipes.git /app

WORKDIR /app

RUN echo -n 'INPUT ( libldap.so )' > /usr/lib/libldap_r.so

# Install Python dependencies in virtual environment
RUN /venv/bin/pip install --no-cache-dir --upgrade pip && \
    /venv/bin/pip install --no-cache-dir python-ldap xmlsec && \
    /venv/bin/pip install --no-cache-dir -r requirements.txt

# Create user and set permissions
RUN adduser -D -u 1000 tandoor && \
    chown -R tandoor:tandoor /app /venv

# Copy entrypoint script
COPY entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh

# Environment variables (override these in your deployment)
ENV PYTHONUNBUFFERED=1 \
    DB_ENGINE=django.db.backends.postgresql \
    DB_HOST=postgres \
    DB_PORT=5432 \
    DB_NAME=tandoor \
    DB_USER=tandoor \
    DB_PASSWORD=changeme \
    SECRET_KEY=changeme \
    DEBUG=0 \
    STATIC_ROOT=/app/static \
    MEDIA_ROOT=/app/media

# Expose port
EXPOSE 80

# Volumes for persistent data
VOLUME ["/app/media", "/app/static"]

# Entrypoint and command
ENTRYPOINT ["/entrypoint.sh"]
CMD ["gunicorn", "--bind", "0.0.0.0:80", "--user", "tandoor", "--group", "tandoor", "recipes.wsgi"]