# Stage 1: 构建前端
FROM node:20-alpine AS frontend-builder

ARG NPM_REGISTRY=https://registry.npmmirror.com

WORKDIR /app/frontend
COPY frontend/package*.json ./
RUN npm install --registry=${NPM_REGISTRY}
COPY frontend/ .
RUN npm run build

# Stage 2: Python 后端
FROM python:3.12-slim

ARG PIP_INDEX=https://pypi.tuna.tsinghua.edu.cn/simple

WORKDIR /app

# 安装构建依赖（部分 Python 包可能需要），并创建非 root 用户
RUN apt-get update && apt-get install -y --no-install-recommends \
    gcc \
    && rm -rf /var/lib/apt/lists/* \
    && useradd --create-home --uid 1000 app

COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt -i ${PIP_INDEX}

COPY . .
COPY --from=frontend-builder /app/frontend/dist ./static

# 确保数据目录对 app 用户可写
RUN mkdir -p /app/data && chown -R app:app /app/data

USER app

EXPOSE 7331

CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "7331", "--workers", "1"]