# HF Spaces Dockerfile - 精简全球字体支持
FROM node:18-slim

# 安装必要的系统依赖和 Chrome
RUN apt-get update && apt-get install -y \
    wget \
    gnupg \
    ca-certificates \
    && wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - \
    && echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list \
    && apt-get update && apt-get install -y \
    google-chrome-stable \
    fonts-noto-core \
    fonts-noto-cjk \
    fonts-noto-color-emoji \
    libappindicator3-1 \
    libasound2 \
    libatk-bridge2.0-0 \
    libdrm2 \
    libgtk-3-0 \
    libnspr4 \
    libnss3 \
    libx11-xcb1 \
    libxcomposite1 \
    libxdamage1 \
    libxrandr2 \
    libgbm1 \
    libxss1 \
    libgconf-2-4 \
    --no-install-recommends \
    && rm -rf /var/lib/apt/lists/* \
    && fc-cache -fv

# 创建非 root 用户
RUN groupadd -r pptruser && useradd -r -g pptruser -G audio,video pptruser \
    && mkdir -p /home/pptruser/Downloads \
    && chown -R pptruser:pptruser /home/pptruser

# 设置工作目录
WORKDIR /app

# 复制 package 文件
COPY package*.json ./

# 清理 npm cache 并安装依赖
RUN npm cache clean --force \
    && npm ci --omit=dev --no-audit --no-fund \
    # && npm install --only=production --no-audit --no-fund \
    && npm cache clean --force

# 复制应用代码
COPY . .

# 更改所有权
RUN chown -R pptruser:pptruser /app

# 切换到非 root 用户
USER pptruser

# 设置环境变量
ENV NODE_ENV=production
ENV PORT=7860
ENV PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true
ENV PUPPETEER_EXECUTABLE_PATH=/usr/bin/google-chrome-stable

# 暴露端口
EXPOSE 7860

# 启动命令
CMD ["npm", "start"]