FROM php:8.4-fpm-alpine3.23

ENV APP_ENV=production
ENV APP_DEBUG=false
WORKDIR /var/www
RUN apk update && apk add --no-cache \
    build-base \
    libpng-dev \
    libjpeg-turbo-dev \
    freetype-dev \
    zip \
    jpegoptim optipng pngquant gifsicle \
    vim \
    unzip \
    git \
    curl \
    libzip-dev \
    oniguruma-dev \
    nodejs \
    npm \
    icu-dev \
    sqlite-dev \
    sqlite-libs \
    nginx \
    supervisor \
    su-exec \
    tini \
    unzip \
    bash \
    jq \
    && rm -rf /var/cache/apk/*

RUN curl -sSL https://github.com/nats-io/natscli/releases/download/v0.3.1/nats-0.3.1-linux-amd64.zip -o /tmp/nats.zip \
    && unzip /tmp/nats.zip -d /tmp/nats \
    && mv /tmp/nats/nats-0.3.1-linux-amd64/nats /usr/local/bin/nats \
    && chmod +x /usr/local/bin/nats \
    && rm -rf /tmp/nats /tmp/nats.zip    

RUN rm -rf /var/cache/apk/*
RUN docker-php-ext-install mbstring zip exif pcntl intl gd pdo pdo_sqlite bcmath
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer

# Copy entrypoint script
COPY cmd/docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
RUN chmod +x /usr/local/bin/docker-entrypoint.sh

# Copy supervisord configuration
COPY ./docker/supervisord.conf /etc/supervisord.conf
RUN mkdir -p /var/log/supervisor \
    && mkdir -p /run/nginx /var/cache/nginx /var/lib/nginx /var/tmp/nginx \
    && chown -R root:root /run/nginx /var/cache/nginx /var/lib/nginx /var/tmp/nginx 

# Create www user and add to www-data group
RUN adduser -u 1000 -G www-data -s /bin/sh -D www

# Configure PHP-FPM to run as www user
RUN sed -i 's/user = www-data/user = www/g' /usr/local/etc/php-fpm.d/www.conf 

# Remove the semicolon to uncomment the listen directive
RUN sed -i 's/;listen = 127.0.0.1:9000/listen = 9000/' /usr/local/etc/php-fpm.d/www.conf

# Ensure the worker running the code is correct (usually www-data or nginx)
RUN sed -i 's/;listen.owner = www-data/listen.owner = www/' /usr/local/etc/php-fpm.d/www.conf
RUN sed -i 's/;listen.group = www-data/listen.group = www-data/' /usr/local/etc/php-fpm.d/www.conf

# Update nginx.conf to use 'www' user instead of 'nginx'
RUN sed -i 's/user nginx;/user www;/' /etc/nginx/nginx.conf

# Remove user and group directives from nginx and php-fpm configs to avoid conflicts
RUN sed -i '/^user /d' /etc/nginx/nginx.conf
RUN sed -i '/^user = /d' /usr/local/etc/php-fpm.d/www.conf
RUN sed -i '/^group = /d' /usr/local/etc/php-fpm.d/www.conf

# Set permissions for nginx directories
RUN mkdir -p /var/lib/nginx/tmp/client_body /var/log/nginx \
    && chown -R www:www-data /var/lib/nginx /var/log/nginx \
    && chmod -R 755 /var/lib/nginx /var/log/nginx \
    && touch /run/nginx/nginx.pid \
    && chown www:www-data /run/nginx/nginx.pid 

# Copy application code (includes database/migrations/) and excluding 
# files in .dockerignore
COPY --chown=www:www-data . /var/www
RUN chown -R www:www-data /var/www
RUN chown -R www:www-data /var/log/supervisor

# Switch to www user
USER www

# Install app dependencies
RUN composer install --optimize-autoloader --no-dev
RUN npm ci
RUN npm run build

# run laravel cache optimization
RUN php artisan optimize

EXPOSE 8889

ENTRYPOINT ["/sbin/tini", "--", "/usr/local/bin/docker-entrypoint.sh"]
CMD ["/usr/bin/supervisord", "-n", "-c", "/etc/supervisord.conf"]