# ═══════════════════════════════════════════════════════════════
#  Oltalama - Single Container (Backend + Frontend)
# ═══════════════════════════════════════════════════════════════

# Stage 1: Build Frontend
FROM node:20-alpine AS frontend-builder

WORKDIR /app/frontend

# Copy frontend files
COPY frontend/package*.json ./
RUN npm ci

COPY frontend/ ./
RUN npm run build

# Stage 2: Production (Backend + Frontend)
FROM node:20-alpine

# Install tini for proper signal handling
RUN apk add --no-cache tini

# Create app user
RUN addgroup -g 1001 -S oltalama && \
    adduser -S -u 1001 -G oltalama oltalama

WORKDIR /app

# Copy backend package files
COPY backend/package*.json ./backend/
WORKDIR /app/backend

# Install backend dependencies (production only)
RUN if [ -f package-lock.json ]; then \
        npm ci --omit=dev; \
    else \
        npm install --only=production; \
    fi

# Copy backend source
WORKDIR /app
COPY backend/ ./backend/

# Copy frontend build from builder stage
COPY --from=frontend-builder /app/frontend/dist ./frontend/dist

# Copy entrypoint script
COPY docker-entrypoint.sh /usr/local/bin/
RUN chmod +x /usr/local/bin/docker-entrypoint.sh

# Create necessary directories
RUN mkdir -p /app/backend/database /app/backend/logs && \
    chown -R oltalama:oltalama /app

# Switch to non-root user
USER oltalama

# Expose port
EXPOSE 3000

# Health check
HEALTHCHECK --interval=30s --timeout=3s --start-period=40s --retries=3 \
  CMD node -e "require('http').get('http://localhost:3000/health', (r) => {process.exit(r.statusCode === 200 ? 0 : 1)})"

# Use tini as entrypoint
ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/docker-entrypoint.sh"]
CMD ["node", "backend/src/app.js"]