FROM python:3.13-slim

EXPOSE 8000
WORKDIR /app

ENV PATH="/app/.venv/bin:$PATH"
ENV STATIC_ROOT=/app/staticfiles
ENV MEDIA_ROOT=/app/mediafiles

# Install binaries with correct permissions
COPY --from=ghcr.io/astral-sh/uv:latest --chown=root:root --chmod=755 /uv /usr/local/bin/uv
COPY --from=caddy:latest --chown=root:root --chmod=755 /usr/bin/caddy /usr/local/bin/caddy
COPY --chmod=755 docker/run.sh /usr/local/bin/runhub.sh


COPY docker/Caddyfile /app/config/caddy/Caddyfile
ADD . /app

RUN uv sync --frozen \
    && uv pip install gunicorn --no-cache-dir \
    && mkdir -p /app/config/caddy /app/run/caddy /app/run/gunicorn \
    && chgrp -R 0 /app \
    && chmod -R g=u /app \
    && chmod g+w /app/config/caddy/Caddyfile \
    && SECRET_KEY= python -m hub collectstatic --noinput

CMD ["/usr/local/bin/runhub.sh"]