FROM python:3.12-slim-bookworm

# PYTHONFAULTHANDLER: Propagate tracebacks from all threads.
# PYTHONUNBUFFERED: Write terminal output straight to docker (to not confuse Docker Compose).
# PYTHONDONTWRITEBYTECODE: Dont write *pyc files at all, making it possible for a 100% read-only container.
# PIP_NO_CACHE_DIR: Disable PIP cache, we don't need pip's cache after building the image.
# PIP_DISABLE_PIP_VERSION_CHECK: Build the image with the available pip, do not check for updates (faster!)
# PIP_DEFAULT_TIMEOUT: Allow for longer timeouts.
ENV PYTHONFAULTHANDLER=1 \
  PYTHONUNBUFFERED=1 \
  PYTHONDONTWRITEBYTECODE=1 \
  PIP_NO_CACHE_DIR=1 \
  PIP_DISABLE_PIP_VERSION_CHECK=on \
  PIP_DEFAULT_TIMEOUT=100
ARG BUILD
ENV BUILD=${BUILD}
ARG REQUIREMENTS_FILE=requirements.txt

WORKDIR /app

RUN groupadd -g 1000 www && useradd -u 1000 -ms /bin/bash -g www www

# Only copy the requirements file first to leverage Docker cache
RUN mkdir requirements/
COPY $REQUIREMENTS_FILE $REQUIREMENTS_FILE

RUN mkdir -p /app/src/static && \
    chown www:www /app/src/static && \
    apt-get update && \
    apt-get install -y \
     binutils \
     libpq-dev \
     build-essential \
     netcat-openbsd \
     libcairo2 \
     libpango-1.0-0 \
     libpangocairo-1.0-0 \
     libgdk-pixbuf2.0-0 \
     libffi-dev \
     shared-mime-info \
     gettext && \
    pip install --no-cache-dir -r $REQUIREMENTS_FILE

# Copy the rest of the application
COPY . .

RUN django-admin compilemessages

ENTRYPOINT ["./entrypoint.sh"]

EXPOSE 8000

CMD ["uvicorn", "project.asgi:application", "--host", "0.0.0.0", "--port", "8000", "--workers", "3", "--lifespan", "off", "--app-dir", "/app/src"]