# ─────────────────────────────────────────────────────────
#  YouTube Summarizer — StartOS 0.4 Docker image
#
#  Multi-stage build for ARM64 (Raspberry Pi / Start9 server)
#  Includes: Node.js 20, Python 3, yt-dlp, ffmpeg
#
#  Uses Debian slim (not Alpine) because:
#  - yt-dlp's --impersonate chrome requires curl_cffi (compiled C extension)
#  - curl_cffi's prebuilt wheels target glibc, not musl
#  - Debian is more reliable for pip-installed packages with C deps on ARM64
# ─────────────────────────────────────────────────────────

# ── Stage 1: Install Node.js dependencies ──────────────────
FROM node:20-slim AS builder

# git is required by npm to clone the @keysat/licensing-client git+https
# dependency. Stripped from the final image (only used in this builder stage).
# The url.insteadOf rewrites force npm/git to use https for github.com even
# when npm's git resolver tries ssh first — there's no ssh client or key in
# this container.
RUN apt-get update && apt-get install -y --no-install-recommends git ca-certificates \
  && rm -rf /var/lib/apt/lists/* \
  && git config --global --add url."https://github.com/".insteadOf "ssh://git@github.com/" \
  && git config --global --add url."https://github.com/".insteadOf "git@github.com:" \
  && git config --global --add url."https://github.com/".insteadOf "git://github.com/"

WORKDIR /app/server
COPY server/package.json server/package-lock.json* ./
RUN npm ci --production --ignore-scripts 2>/dev/null || npm install --production --ignore-scripts

# ── Stage 2: Final runtime image ───────────────────────────
FROM node:20-slim AS runner

WORKDIR /app

# Install runtime dependencies:
#   - dumb-init: proper PID 1 signal handling in containers
#   - curl: health checks + yt-dlp binary downloads
#   - python3 + pip: yt-dlp installation and updates
#   - ffmpeg: audio extraction, splitting, and duration detection
#   - ca-certificates: HTTPS for YouTube/Gemini API calls
RUN apt-get update && apt-get install -y --no-install-recommends \
    dumb-init \
    curl \
    python3 \
    python3-pip \
    python3-venv \
    ffmpeg \
    ca-certificates \
  && rm -rf /var/lib/apt/lists/* \
  && pip3 install --break-system-packages yt-dlp curl_cffi \
  && yt-dlp --version

# Copy Node.js app from builder
COPY --from=builder /app/server/node_modules ./server/node_modules/
COPY server/package.json ./server/
COPY server/index.js ./server/
COPY server/license.js ./server/
COPY public/ ./public/
COPY assets/ ./assets/

# Copy StartOS scripts
COPY start9/0.4/docker_entrypoint.sh /usr/local/bin/docker_entrypoint.sh
COPY start9/0.4/healthcheck.sh /usr/local/bin/healthcheck.sh
RUN chmod +x /usr/local/bin/docker_entrypoint.sh /usr/local/bin/healthcheck.sh

# Create persistent data mount point
RUN mkdir -p /data

ENV NODE_ENV=production \
    PORT=3001 \
    DATA_DIR=/data

EXPOSE 3001

ENTRYPOINT ["dumb-init", "--", "/usr/local/bin/docker_entrypoint.sh"]