FROM drogonframework/drogon:latest

WORKDIR /app

# Install additional dependencies including GPGME for PGP verification, FFmpeg for thumbnails, and libzip for EPUB
RUN apt-get update && apt-get install -y \
    libpq-dev \
    postgresql-client \
    pkg-config \
    git \
    cmake \
    libhiredis-dev \
    curl \
    libssl-dev \
    gnupg \
    gnupg2 \
    libgpgme-dev \
    ffmpeg \
    libzip-dev \
    && rm -rf /var/lib/apt/lists/*

# Try to install redis-plus-plus from package manager first
RUN apt-get update && \
    (apt-get install -y libredis++-dev || echo "Package not available") && \
    rm -rf /var/lib/apt/lists/*

# If package not available, build from source
RUN if ! pkg-config --exists redis++; then \
        echo "Building redis-plus-plus from source..." && \
        git clone --depth 1 https://github.com/sewenew/redis-plus-plus.git && \
        cd redis-plus-plus && \
        mkdir build && \
        cd build && \
        cmake -DCMAKE_BUILD_TYPE=Release \
              -DREDIS_PLUS_PLUS_CXX_STANDARD=17 \
              -DREDIS_PLUS_PLUS_BUILD_TEST=OFF \
              -DREDIS_PLUS_PLUS_BUILD_STATIC=OFF \
              -DCMAKE_INSTALL_PREFIX=/usr/local .. && \
        make -j$(nproc) && \
        make install && \
        cd ../.. && \
        rm -rf redis-plus-plus; \
    fi

# Install bcrypt library
RUN git clone --depth 1 https://github.com/trusch/libbcrypt.git && \
    cd libbcrypt && \
    mkdir build && \
    cd build && \
    cmake .. && \
    make -j$(nproc) && \
    make install && \
    cd ../.. && \
    rm -rf libbcrypt

# Install jwt-cpp (header-only)
RUN git clone --depth 1 https://github.com/Thalhammer/jwt-cpp.git && \
    cd jwt-cpp && \
    mkdir build && \
    cd build && \
    cmake .. && \
    make install && \
    cd ../.. && \
    rm -rf jwt-cpp

# Update library cache - this is critical!
RUN ldconfig

# Copy source files
COPY CMakeLists.txt ./
COPY src/ src/

# Clean any existing build artifacts
RUN rm -rf build CMakeCache.txt

# Create clean build directory
RUN mkdir -p build

# Build the application with RPATH set correctly
# Use -j1 to limit memory usage (OOM with parallel builds in constrained CI runners)
RUN cd build && \
    cmake .. -DCMAKE_BUILD_TYPE=Release \
             -DCMAKE_INSTALL_RPATH="/usr/local/lib" \
             -DCMAKE_BUILD_WITH_INSTALL_RPATH=TRUE && \
    cmake --build . -j1

# Copy config template (real config mounted at runtime via docker-compose)
COPY config.json.example config.json

# Create uploads directory with proper permissions
# Using nobody user's UID/GID (65534) for consistency with nginx
RUN mkdir -p /app/uploads/avatars /app/uploads/stickers /app/uploads/sticker-submissions /app/uploads/videos /app/uploads/logo /app/uploads/ebooks /app/uploads/ebooks/covers /app/uploads/forums && \
    chown -R 65534:65534 /app/uploads && \
    chmod -R 755 /app/uploads

# Create a temporary directory for GPG operations
RUN mkdir -p /tmp/pgp_verify && \
    chmod 777 /tmp/pgp_verify

# Ensure libraries are available
ENV LD_LIBRARY_PATH=/usr/local/lib:$LD_LIBRARY_PATH

# Add a startup script to check dependencies and create directories
RUN echo '#!/bin/bash\n\
echo "Checking library dependencies..."\n\
ldd ./build/streaming-backend\n\
echo "Checking GPG installation..."\n\
gpg --version\n\
echo "Checking FFmpeg installation..."\n\
ffmpeg -version | head -1\n\
echo "Ensuring upload directories exist with proper permissions..."\n\
mkdir -p /app/uploads/avatars /app/uploads/stickers /app/uploads/sticker-submissions /app/uploads/videos /app/uploads/logo /app/uploads/ebooks /app/uploads/ebooks/covers /app/uploads/forums\n\
chown -R 65534:65534 /app/uploads\n\
chmod -R 755 /app/uploads\n\
echo "Starting application..."\n\
exec ./build/streaming-backend' > start.sh && \
    chmod +x start.sh

EXPOSE 8080

CMD ["./start.sh"]