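# Two-stage build: compile TypeScript and native modules in a full toolchain
# stage, then ship only the build output and production node_modules.
# (The file had been collapsed onto a single line starting with '#', so the
# whole recipe parsed as one comment; one instruction per line is restored.)

# ---------------------------------------------------------------------------
# Build stage
# ---------------------------------------------------------------------------
# NOTE(review): node:22-alpine is a mutable tag. Pinning it by digest in both
# stages makes rebuilds reproducible and keeps an upstream re-tag from
# silently changing the base.
FROM node:22-alpine AS builder

WORKDIR /app

# Toolchain for native modules (argon2, better-sqlite3). It stays in this
# stage and never reaches the runtime image.
RUN apk add --no-cache \
      g++ \
      make \
      python3 \
      sqlite-dev

# Manifests first, so the dependency layer is reused until they change.
COPY package*.json ./

# Install all dependencies (including dev). npm ci installs exactly what the
# lockfile records; dependency install scripts run here, as root, which the
# native modules need in order to compile.
RUN npm ci

# Copy source
COPY tsconfig.json ./
COPY src/ ./src/

# Build TypeScript
RUN npm run build

# Drop devDependencies before node_modules is copied to the runtime stage.
# --omit=dev replaces the deprecated --production flag.
RUN npm prune --omit=dev

# ---------------------------------------------------------------------------
# Production stage
# ---------------------------------------------------------------------------
FROM node:22-alpine

WORKDIR /app

# Runtime shared library only; no compiler or headers in this image.
RUN apk add --no-cache sqlite-libs

# Unprivileged account for the service.
# NOTE(review): adduser -S picks the UID automatically and USER below names
# the account. Kubernetes runAsNonRoot cannot verify a non-numeric USER; a
# fixed UID/GID would fix that but changes ownership on existing data volumes.
RUN addgroup -S appgroup && adduser -S appuser -G appgroup

# Application files are copied without --chown, so they stay owned by root
# and the runtime user is not their owner.
COPY --from=builder /app/dist ./dist
COPY --from=builder /app/node_modules ./node_modules
COPY package*.json ./

# Copy public files
COPY public/ ./public/

# Copy database migrations next to the compiled output
COPY src/db/migrations/ ./dist/db/migrations/

# /app/data is the only path handed over to the runtime user.
RUN mkdir -p /app/data/content && chown -R appuser:appgroup /app/data

# Everything from here on, including the running service, is non-root.
USER appuser

# Environment
ENV NODE_ENV=production \
    DATA_DIR=/app/data \
    PORT=3000

# Documentation only; an unprivileged port, so no extra capability is needed.
EXPOSE 3000

# Health check. The port is hard-coded and must be kept in step with PORT.
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
  CMD wget -q --spider http://localhost:3000/health || exit 1

# Exec form: node is PID 1 and receives SIGTERM from `docker stop` directly.
CMD ["node", "dist/index.js"]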