# ---------- Stage 1: Dependencies ----------
FROM node:20-alpine AS deps
WORKDIR /app

# Install dependencies needed to compile some Node modules
RUN apk add --no-cache libc6-compat

# Copy dependency declarations
COPY package.json yarn.lock ./

# Install production and build dependencies
RUN yarn install --frozen-lockfile --network-timeout 402300

# ---------- Stage 2: Build ----------
FROM node:20-alpine AS builder
WORKDIR /app

# Accept build argument for environment validation
ARG SKIP_ENV_VALIDATION=true

ENV NEXT_TELEMETRY_DISABLED=1 \
    SKIP_ENV_VALIDATION=${SKIP_ENV_VALIDATION} \
    NODE_ENV=production

# Copy installed deps
COPY --from=deps /app/node_modules ./node_modules
COPY --from=deps /app/package.json ./
COPY --from=deps /app/yarn.lock ./

# Copy all source files
COPY . .

# Build the application
RUN yarn build

# ---------- Stage 3: Runner ----------
FROM node:20-alpine AS runner
WORKDIR /app

ENV NODE_ENV=production \
    NEXT_TELEMETRY_DISABLED=1 \
    PORT=4024 \
    HOSTNAME=0.0.0.0

# Create a non-root user
RUN addgroup -g 1001 -S nodejs && \
    adduser -u 1001 -S nextjs -G nodejs

# Copy the minimal standalone app
COPY --from=builder /app/.next/standalone ./
COPY --from=builder /app/.next/static ./.next/static
COPY --from=builder /app/public ./public

# Ensure correct ownership and drop root
RUN chown -R nextjs:nodejs /app
USER nextjs

EXPOSE 4024

CMD ["node", "server.js"]