# Start from a lightweight Python image
FROM python:3.9-slim

# 1. Install LaTeX and dependencies
RUN apt-get update && apt-get install -y \
    texlive-latex-base \
    texlive-latex-extra \
    texlive-fonts-recommended \
    texlive-fonts-extra \
    texlive-science \
    texlive-pictures \
    ghostscript \
    && rm -rf /var/lib/apt/lists/*

# 2. Create a non-root user FIRST
RUN useradd -m -u 1000 user

# 3. Set the working directory and ensure the user owns it
WORKDIR /app
RUN chown user:user /app

# 4. Copy requirements and install dependencies
COPY --chown=user:user requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

# 5. Copy the rest of the application with correct ownership
#    (This is the CRITICAL fix)
COPY --chown=user:user . .

# 6. Switch to the non-root user
USER user
ENV HOME=/home/user \
    PATH=/home/user/.local/bin:$PATH

# 7. Run the application port 7860
CMD ["streamlit", "run", "app.py", "--server.port=8080", "--server.address=0.0.0.0"]