# syntax=docker/dockerfile:1.6
#
# Proof of Work (proof-of-work) — StartOS 0.4 package image.
#
# Build context: repo root (see manifest.images.main.source.dockerBuild.workdir
# which is set to '../..' so all COPY paths below are repo-root-relative).
#
# This Dockerfile is self-contained: it references only files under
# `proof-of-work/` (the upstream app) and `start9/0.4/` (this wrapper).
#
# Data preservation (v1.0.0:1 — initial seeded cutover):
#   - This image bakes a one-time snapshot of the maintainer's live /data
#     volume under /app/seed/data so the cutover from the legacy `workout-log`
#     package preserves every workout, exercise, and preference.
#   - docker_entrypoint.sh copies the seed into the StartOS-managed /data
#     volume only on a truly-fresh first boot (both /data/app.db missing AND
#     /data/.seeded absent). Every subsequent boot leaves /data alone.
#   - v1.0.0:2 will strip the seed copy from the image and the seed-copy
#     branch from the entrypoint once the cutover is verified in production.
#   - A tiny empty-schema fallback DB is also COPYed from the builder stage
#     (at /app/prisma/data/app.db) as a safety net for fresh sideloads on a
#     brand-new host with no existing /data and no baked seed.

FROM node:20-alpine AS builder

WORKDIR /app

RUN apk add --no-cache openssl

COPY proof-of-work/package.json proof-of-work/package-lock.json ./
RUN npm ci

COPY proof-of-work/ ./
RUN npx prisma generate

# Build a fallback empty-but-schema-correct DB. Used by docker_entrypoint.sh
# only when /data has no app.db AND no baked seed is available (i.e. after
# v1.0.0:2 strips the seed). Seeded with the curated exercise library via
# `npm run db:seed`, so a brand-new install still gets the full library.
RUN mkdir -p /tmp-seed \
 && DATABASE_URL=file:/tmp-seed/app.db npx prisma db push --skip-generate \
 && DATABASE_URL=file:/tmp-seed/app.db npm run db:seed

RUN npm run build

FROM node:20-alpine AS runner

WORKDIR /app

RUN apk add --no-cache dumb-init curl openssl sqlite \
 && addgroup -S nodejs -g 1001 \
 && adduser -S nextjs -u 1001 -G nodejs

ENV NODE_ENV=production \
    HOSTNAME=0.0.0.0 \
    PORT=3000 \
    WORKOUT_DATA_DIR=/data \
    WORKOUT_DB_PATH=/data/app.db \
    WORKOUT_FALLBACK_SEED_DB_PATH=/app/prisma/data/app.db \
    WORKOUT_BAKED_SEED_DB_PATH=/app/seed/data/app.db \
    WORKOUT_LIBRARY_JSON_PATH=/app/prisma/exercises.seed.json

# Next.js standalone runtime bundle
COPY --from=builder --chown=nextjs:nodejs /app/.next/standalone ./
COPY --from=builder --chown=nextjs:nodejs /app/.next/static ./.next/static
COPY --from=builder --chown=nextjs:nodejs /app/public ./public
COPY --from=builder --chown=nextjs:nodejs /app/prisma ./prisma

# Empty-schema fallback DB (used only when no baked seed is available on a
# brand-new sideload).
COPY --from=builder --chown=nextjs:nodejs /tmp-seed/app.db /app/prisma/data/app.db

# Baked one-time cutover seed: the maintainer's live /data snapshot pulled
# off the running `workout-log` host via refresh_seed.sh. Copied into /data
# only on truly-fresh first boot. Removed in v1.0.0:2.
COPY --chown=nextjs:nodejs start9/0.4/seed/data /app/seed/data

# Container entrypoint and diagnostic healthcheck
COPY start9/0.4/docker_entrypoint.sh /usr/local/bin/docker_entrypoint.sh
COPY start9/0.4/healthcheck.sh /usr/local/bin/healthcheck.sh

RUN chmod +x /usr/local/bin/docker_entrypoint.sh /usr/local/bin/healthcheck.sh \
 && mkdir -p /data \
 && chown -R nextjs:nodejs /app /data

EXPOSE 3000

ENTRYPOINT ["dumb-init", "--", "/usr/local/bin/docker_entrypoint.sh"]
