FROM rust:1.93-bookworm AS rust-builder
WORKDIR /workspace

COPY server-rs ./server-rs
RUN cargo build --release -p api-server --manifest-path server-rs/Cargo.toml && \
    cp server-rs/target/release/api-server /tmp/api-server

FROM debian:bookworm-slim AS api-runtime
WORKDIR /srv/genarrative

RUN apt-get update && \
    apt-get install -y --no-install-recommends ca-certificates curl && \
    rm -rf /var/lib/apt/lists/* && \
    useradd --system --create-home --home-dir /srv/genarrative --shell /usr/sbin/nologin genarrative

COPY --from=rust-builder /tmp/api-server /usr/local/bin/api-server

RUN mkdir -p /var/lib/genarrative/auth /var/lib/genarrative/tracking-outbox && \
    chown -R genarrative:genarrative /srv/genarrative /var/lib/genarrative

USER genarrative
EXPOSE 8082

ENV GENARRATIVE_ENV=container \
    GENARRATIVE_API_HOST=0.0.0.0 \
    GENARRATIVE_API_PORT=8082 \
    GENARRATIVE_AUTH_STORE_PATH=/var/lib/genarrative/auth/auth-store.json \
    GENARRATIVE_TRACKING_OUTBOX_DIR=/var/lib/genarrative/tracking-outbox

CMD ["api-server"]

FROM node:22-bookworm-slim AS web-builder
WORKDIR /workspace

COPY package.json package-lock.json ./
COPY apps/admin-web/package.json ./apps/admin-web/package.json
RUN npm ci

COPY index.html metadata.json tsconfig.json vite.config.ts ./
COPY scripts/vite-cli.mjs scripts/admin-web-build.mjs ./scripts/
COPY src ./src
COPY public ./public
COPY media ./media
COPY packages ./packages
COPY apps/admin-web ./apps/admin-web
RUN npm run build:raw && npm run admin-web:build

FROM nginx:1.27-alpine AS nginx-runtime
COPY --from=web-builder /workspace/dist /srv/genarrative/web
COPY --from=web-builder /workspace/apps/admin-web/dist /srv/genarrative/web/admin
COPY deploy/container/nginx.conf /etc/nginx/nginx.conf