FROM piefed-base AS piefed-web

# Install nginx (only needed for web container)
RUN apk add --no-cache nginx

# Web-specific Python configuration for Flask
RUN echo 'import os' > /app/uwsgi_config.py && \
    echo 'os.environ.setdefault("FLASK_APP", "pyfedi.py")' >> /app/uwsgi_config.py

# Copy web-specific configuration files
COPY nginx.conf /etc/nginx/nginx.conf
COPY uwsgi.ini /app/uwsgi.ini
COPY supervisord-web.conf /etc/supervisor/conf.d/supervisord.conf
COPY entrypoint-web.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh

# Create nginx and log directories with proper permissions in a single layer
RUN mkdir -p /var/log/nginx /var/log/supervisor /var/log/uwsgi /var/cache/nginx \
    && chown -R nginx:nginx /var/log/nginx /var/cache/nginx \
    && chown -R piefed:piefed /var/log/uwsgi /app/logs

# Health check optimized for web container
HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
    CMD curl -f http://localhost:80/api/health || curl -f http://localhost:80/ || exit 1

# Expose HTTP port
EXPOSE 80

# Run as root to manage nginx and uwsgi
USER root

ENTRYPOINT ["/entrypoint.sh"]
CMD ["supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]