# Base image
FROM python:3.12.3-slim-bookworm as base

# Install Nginx, curl, and build-essential
RUN apt update && apt install -y nginx curl build-essential \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/* \
    && rm /etc/nginx/sites-enabled/default

# Install Node tools
RUN curl -fsSL https://deb.nodesource.com/setup_21.x | bash - \
    && apt-get install -y nodejs \
    && npm install -g corepack pm2

# Frontend Build
FROM base AS deps

ARG NEXT_PUBLIC_LEARNHOUSE_API_URL
ARG NEXT_PUBLIC_LEARNHOUSE_BACKEND_URL
ARG NEXT_PUBLIC_LEARNHOUSE_DOMAIN

ENV NEXT_PUBLIC_LEARNHOUSE_API_URL=${NEXT_PUBLIC_LEARNHOUSE_API_URL}
ENV NEXT_PUBLIC_LEARNHOUSE_BACKEND_URL=${NEXT_PUBLIC_LEARNHOUSE_BACKEND_URL}
ENV NEXT_PUBLIC_LEARNHOUSE_DOMAIN=${NEXT_PUBLIC_LEARNHOUSE_DOMAIN}

WORKDIR /app/web
COPY ./apps/web/package.json ./apps/web/pnpm-lock.yaml* ./
COPY ./apps/web /app/web
RUN rm -f .env* 
RUN if [ -f pnpm-lock.yaml ]; then corepack enable pnpm && pnpm i --frozen-lockfile && pnpm run build; \
    else echo "Lockfile not found." && exit 1; \
    fi

# Final image
FROM base as runner 
RUN addgroup --system --gid 1001 system \
    && adduser --system --uid 1001 app \
    && mkdir .next \
    && chown app:system .next
COPY --from=deps /app/web/public ./app/web/public
COPY --from=deps --chown=app:system /app/web/.next/standalone ./app/web/
COPY --from=deps --chown=app:system /app/web/.next/static ./app/web/.next/static

# Backend Build
WORKDIR /app/api
COPY ./apps/api/pyproject.toml ./
COPY ./apps/api/uv.lock ./

# Install dependencies with proper flags and fallback to pip if needed
RUN pip install --upgrade pip && \
    pip install uv && \
    (uv pip sync --system --python=python3.12 || pip install -e .) && \
    pip install uvicorn  # Ensure at least the ASGI server is available

COPY ./apps/api ./

# Run the backend
WORKDIR /app
COPY ./extra/nginx.conf /etc/nginx/conf.d/default.conf
ENV PORT=80 LEARNHOUSE_PORT=9000 HOSTNAME=0.0.0.0
COPY ./extra/start.sh /app/start.sh
COPY ./debug-services.sh /app/debug-services.sh
RUN chmod +x /app/start.sh /app/debug-services.sh

# Add enhanced URL and domain patching
RUN echo '#!/bin/bash\n\
echo "Enhanced patching of NextAuth cookies and domains..."\n\
find /app/web/.next -type f -name "*.js" -exec sed -i "s/domain:[^,}]*,/domain: undefined,/g" {} \\;\n\
find /app/web/.next -type f -name "*.js" -exec sed -i "s/domain: *process.env.LEARNHOUSE_COOKIE_DOMAIN/domain: undefined/g" {} \\;\n\
find /app/web/.next -type f -name "*.js" -exec sed -i "s/\.domain\s*=\s*[^;]*;/\.domain = undefined;/g" {} \\;\n\
echo "Cookie domain patches complete."\n\
\n\
echo "Patching API URLs for deployment isolation..."\n\
if [ ! -z "$NEXT_PUBLIC_LEARNHOUSE_DOMAIN" ]; then\n\
  echo "Domain value found: $NEXT_PUBLIC_LEARNHOUSE_DOMAIN"\n\
  # Extract the domain without protocol\n\
  DOMAIN_ONLY=$(echo "$NEXT_PUBLIC_LEARNHOUSE_DOMAIN" | sed -E "s/^https?:\\/\\///g")\n\
  echo "Extracted domain: $DOMAIN_ONLY"\n\
  \n\
  # Replace all occurrences of edu.adradviser.ro with the current domain\n\
  find /app/web/.next -type f -name "*.js" -exec sed -i "s|http://edu.adradviser.ro|$NEXT_PUBLIC_LEARNHOUSE_DOMAIN|g" {} \\;\n\
  find /app/web/.next -type f -name "*.js" -exec sed -i "s|https://edu.adradviser.ro|$NEXT_PUBLIC_LEARNHOUSE_DOMAIN|g" {} \\;\n\
  find /app/web/.next -type f -name "*.js" -exec sed -i "s|//edu.adradviser.ro|//$DOMAIN_ONLY|g" {} \\;\n\
  find /app/web/.next -type f -name "*.js" -exec sed -i "s|\"href\":\"http://edu.adradviser.ro|\"href\":\"$NEXT_PUBLIC_LEARNHOUSE_DOMAIN|g" {} \\;\n\
  find /app/web/.next -type f -name "*.js" -exec sed -i "s|https://edu.adradviser.ro|$NEXT_PUBLIC_LEARNHOUSE_DOMAIN|g" {} \\;\n\
  find /app/web/.next -type f -name "*.html" -exec sed -i "s|http://edu.adradviser.ro|$NEXT_PUBLIC_LEARNHOUSE_DOMAIN|g" {} \\;\n\
  find /app/web/.next -type f -name "*.html" -exec sed -i "s|https://edu.adradviser.ro|$NEXT_PUBLIC_LEARNHOUSE_DOMAIN|g" {} \\;\n\
  \n\
  # Replace absolute URL paths\n\
  find /app/web/.next -type f -name "*.js" -exec sed -i "s|https://[^/\"]*\\(/api/v1/\\)|${NEXT_PUBLIC_LEARNHOUSE_API_URL}|g" {} \\;\n\
  find /app/web/.next -type f -name "*.js" -exec sed -i "s|https://[^/\"]*\\(/api/auth\\)|${NEXT_PUBLIC_LEARNHOUSE_BACKEND_URL}api/auth|g" {} \\;\n\
  \n\
  # Replace hardcoded href values\n\
  find /app/web/.next -type f -name "*.js" -exec sed -i "s|href:\\\"http://edu.adradviser.ro|href:\\\"$NEXT_PUBLIC_LEARNHOUSE_DOMAIN|g" {} \\;\n\
  find /app/web/.next -type f -name "*.js" -exec sed -i "s|href:\\\"https://edu.adradviser.ro|href:\\\"$NEXT_PUBLIC_LEARNHOUSE_DOMAIN|g" {} \\;\n\
  \n\
  echo "URL and domain patching completed using: $NEXT_PUBLIC_LEARNHOUSE_DOMAIN"\n\
  \n\
  # Verify the changes\n\
  echo "Verification of patched files:"\n\
  grep -r "edu.adradviser.ro" /app/web/.next --include="*.js" | head -5 || echo "No references to edu.adradviser.ro found (good)"\n\
fi\n\
\n\
echo "Starting application..."\n\
sh /app/start.sh' > /app/patched-start.sh && chmod +x /app/patched-start.sh

# Use the patched start script
CMD ["/app/patched-start.sh"]