# syntax=docker/dockerfile:1
FROM mcr.microsoft.com/dotnet/aspnet:8.0

RUN apt-get update \
 && apt-get install -y wget libarchive-tools \
 && rm -rf /var/lib/apt/lists/*

# Tạo user non-root theo khuyến nghị (UID 1000)
RUN useradd -m -u 1000 appuser

WORKDIR /app

# Tải binary TinfoilWebServer (linux-x64, framework-dependent)
ARG ZIP_URL="https://github.com/Myster-Tee/TinfoilWebServer/releases/download/v2.1.0/TinfoilWebServer_v2.1.0_Framework-Dependent-linux-x64.zip"
RUN wget -O /tmp/tws.zip "$ZIP_URL" \
 && bsdtar -xf /tmp/tws.zip -C /app \
 && rm -f /tmp/tws.zip \
 && subdir="$(find /app -mindepth 1 -maxdepth 1 -type d -name 'TinfoilWebServer*linux-x64' | head -n1)" \
 && if [ -n "$subdir" ]; then cp -a "$subdir"/. /app/ && rm -rf "$subdir"; fi \
 && if [ -f /app/TinfoilWebServer ]; then chmod +x /app/TinfoilWebServer; fi

# Copy cấu hình & index (đặt cạnh nhau như bạn yêu cầu)
COPY TinfoilWebServer.config.json /app/TinfoilWebServer.config.json
COPY index.json /app/index.json

# Copy entrypoint & cấp quyền
COPY entrypoint.sh /app/entrypoint.sh
RUN chmod +x /app/entrypoint.sh

# Quyền sở hữu cho appuser
RUN chown -R appuser:appuser /app

# Chạy dưới appuser (UID 1000)
USER appuser
ENV HOME=/home/appuser

# Khai báo volume & cổng
VOLUME ["/data"]
EXPOSE 5000

CMD ["/app/entrypoint.sh"]