FROM node:20

# Ensure non-root user for build/run (node image has a non-root user with uid 1000)
USER 1000
WORKDIR /usr/src/app

# Install deps with ci for reproducibility and layer caching
COPY --chown=1000 package.json package-lock.json ./
RUN npm ci

# Copy the rest of the application
COPY --chown=1000 . .

# Normalize and ensure start script is executable
USER root
RUN sed -i 's/\r$//' /usr/src/app/start.sh && chmod +x /usr/src/app/start.sh
USER 1000

# Make embed/lite mode available at build-time for client code
ENV NEXT_PUBLIC_EMBED_MODE=true

# Build the app
RUN npm run build

# Expose both common ports (Space sets $PORT; we honor it at runtime)
EXPOSE 7860
EXPOSE 3000

ENV HOST=0.0.0.0
ENV PORT=7860
# Disable telemetry and ensure production env
ENV NEXT_TELEMETRY_DISABLED=1
ENV NODE_ENV=production
# Start via script that logs and honors $PORT
ENTRYPOINT ["/usr/src/app/start.sh"]