# Multi-stage Dockerfile for ORLY relay with embedded web UI

# Stage 1: Web UI build
FROM node:20-bookworm AS web-builder

WORKDIR /web

# Copy web UI files
COPY app/web/package.json app/web/package-lock.json* app/web/ ./

# Install dependencies and build
RUN npm ci && npm run build

# Stage 2: Go build stage
FROM golang:1.25-bookworm AS builder

# Install build dependencies
RUN apt-get update && apt-get install -y --no-install-recommends git make && rm -rf /var/lib/apt/lists/*

# Set working directory
WORKDIR /build

# Copy go mod files and build context first (needed for replace directives in go.mod)
COPY go.mod go.sum ./
COPY .docker-build-context/ ./docker-build-context/

# Copy vendored dependencies (created by build script)
COPY vendor/ ./vendor/

# Download dependencies (will use vendor if available)
RUN go mod download

# Copy source code
COPY . .

# Copy built web UI from web-builder stage
COPY --from=web-builder /web/dist ./app/web/dist

# Build the binary with CGO disabled
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o orly -ldflags="-w -s" .

# Stage 3: Runtime stage
FROM debian:bookworm-slim

# Install runtime dependencies
RUN apt-get update && \
    apt-get install -y --no-install-recommends ca-certificates curl libsecp256k1-1 && \
    rm -rf /var/lib/apt/lists/*

# Create app user
RUN groupadd -g 1000 orly && \
    useradd -m -u 1000 -g orly orly

# Set working directory
WORKDIR /app

# Copy binary (libsecp256k1.so.1 is already installed via apt)
COPY --from=builder /build/orly /app/orly

# Create data directory
RUN mkdir -p /data && chown -R orly:orly /data /app

# Switch to app user
USER orly

# Expose ports
EXPOSE 3334

# Health check
HEALTHCHECK --interval=10s --timeout=5s --start-period=20s --retries=3 \
    CMD curl -f http://localhost:3334/ || exit 1

# Set default environment variables
ENV ORLY_LISTEN=0.0.0.0 \
    ORLY_PORT=3334 \
    ORLY_DATA_DIR=/data \
    ORLY_LOG_LEVEL=info \
    ORLY_WEB_DISABLE=false \
    ORLY_WEB_DEV_PROXY_URL=""

# Run the binary
ENTRYPOINT ["/app/orly"]