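# Multi-stage production build: the builder stage installs the Python
# dependencies (with a compiler available), and the runtime stage receives
# only the installed packages plus the application code.

# ---- Builder stage ----
FROM python:3.11-slim AS builder

WORKDIR /app

# Environment
ENV ENVIRONMENT=production \
    PYTHONPATH=/app \
    PYTHONUNBUFFERED=1 \
    PYTHONDONTWRITEBYTECODE=1

# Build-time dependencies; they stay in this stage and never reach the
# runtime image.
RUN apt-get update && apt-get install -y --no-install-recommends \
        gcc \
        libpq-dev \
    && rm -rf /var/lib/apt/lists/*

# Requirements (copied on their own so this layer is reused until
# requirements.txt changes)
COPY requirements.txt .
RUN pip install --no-cache-dir --upgrade pip \
    && pip install --no-cache-dir -r requirements.txt

# ---- Runtime stage ----
FROM python:3.11-slim AS production

# Labels are set on the final stage: metadata declared on the builder stage
# is not carried into the image that is actually shipped.
LABEL maintainer="LeDiscord Team" \
      version="1.0" \
      description="LeDiscord Backend - Environnement Production"

WORKDIR /app

# Runtime environment
ENV ENVIRONMENT=production \
    PYTHONPATH=/app \
    PYTHONUNBUFFERED=1 \
    PYTHONDONTWRITEBYTECODE=1

# Runtime dependencies (shared libraries only, no compiler or headers)
RUN apt-get update && apt-get install -y --no-install-recommends \
        libgl1 \
        libglib2.0-0 \
        libgomp1 \
        libmagic1 \
        libpq5 \
        libsm6 \
        libxext6 \
        libxrender1 \
    && rm -rf /var/lib/apt/lists/*

# Non-root user and application directories. The user is created before the
# application files are copied so ownership can be set at COPY time; a
# recursive chown after the copy would store every file a second time in an
# extra layer.
RUN groupadd -r lediscord && useradd -r -g lediscord lediscord \
    && mkdir -p /app/uploads /app/logs \
    && chown -R lediscord:lediscord /app

# Python packages from the builder
COPY --from=builder /usr/local/lib/python3.11/site-packages /usr/local/lib/python3.11/site-packages
COPY --from=builder /usr/local/bin /usr/local/bin

# Source code
# NOTE(review): this copies the whole build context. Use .dockerignore to
# keep .git, virtualenvs, local databases and any credential files that are
# not needed at runtime out of the image.
COPY --chown=lediscord:lediscord . .

# Production env file (be careful what goes in it)
# NOTE(review): everything in .env.production is stored in an image layer and
# is readable by anyone who can pull or export the image. Keep credentials
# out of it and supply them when the container starts instead (for example
# `docker run --env-file` or the orchestrator's secret mechanism). Because
# the file has to be in the build context for this COPY, the `COPY . .` above
# also ships a second copy of it as /app/.env.production.
COPY --chown=lediscord:lediscord .env.production .env

USER lediscord

EXPOSE 8000

# Healthcheck (optional but handy): succeeds when a TCP connection to the
# local port 8000 can be opened within 2 seconds.
HEALTHCHECK --interval=30s --timeout=3s --start-period=10s --retries=3 \
    CMD python -c "import socket; s=socket.socket(); s.settimeout(2); s.connect(('127.0.0.1',8000)); s.close()" || exit 1

# Start uvicorn (exec form, so no nested quotes are needed here)
# NOTE(review): --forwarded-allow-ips=* makes uvicorn trust X-Forwarded-*
# headers from any peer, so the client address and scheme the application
# sees are only reliable if port 8000 is reachable exclusively through the
# reverse proxy. Restrict the value to the proxy's address(es) where they are
# known, and do not publish this port directly.
CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "8000", "--workers", "4", "--log-level", "info", "--proxy-headers", "--forwarded-allow-ips=*"]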