# 移除 syntax 指令以避免网络问题
# 原指令: # syntax=docker/dockerfile:1
# check=error=true

# This Dockerfile is designed for Git-based deployment with Kamal
# It pulls code from Git during deployment and uses external volumes for code, build artifacts, and data

# Make sure RUBY_VERSION matches the Ruby version in .ruby-version
ARG RUBY_VERSION=3.2.2
FROM docker.io/library/ruby:$RUBY_VERSION-slim

# Rails app lives here
WORKDIR /rails

# Install base packages including Git for code pulling
RUN apt-get update -qq && \
    apt-get install --no-install-recommends -y \
    curl \
    libjemalloc2 \
    libvips \
    sqlite3 \
    nodejs \
    npm \
    netcat-openbsd \
    git \
    build-essential \
    pkg-config \
    && rm -rf /var/lib/apt/lists /var/cache/apt/archives

# Set production environment
ENV RAILS_ENV="production" \
    BUNDLE_DEPLOYMENT="1" \
    BUNDLE_PATH="/usr/local/bundle" \
    BUNDLE_WITHOUT="development"

# Create directories for mounted volumes
RUN mkdir -p \
    /rails/code \
    /rails/storage \
    /rails/public/uploads \
    /rails/public/assets \
    /rails/public/vite \
    /rails/node_modules \
    /rails/tmp \
    /rails/log \
    /rails/tmp/pids \
    /rails/tmp/cache \
    /rails/tmp/sockets

# Declare volumes for persistent storage
VOLUME ["/rails/code", "/rails/storage", "/rails/public/uploads", "/rails/public/vite", "/rails/node_modules", "/rails/log", "/rails/tmp"]

# Copy entrypoint script
COPY bin/docker-entrypoint /rails/bin/
# RUN chmod +x /rails/bin/docker-entrypoint

# Run and own only the runtime files as a non-root user for security
RUN groupadd --system --gid 1000 rails && \
    useradd rails --uid 1000 --gid 1000 --create-home --shell /bin/bash && \
    chown -R rails:rails /rails

USER 1000:1000

# Entrypoint pulls code, installs dependencies, and prepares the application
ENTRYPOINT ["/rails/bin/docker-entrypoint"]

# Start server via Thruster by default, this can be overwritten at runtime
EXPOSE 80
CMD ["./bin/thrust", "./bin/rails", "server"]