FROM python:3.10-slim

ENV DEBIAN_FRONTEND=noninteractive
ENV PYTHONUNBUFFERED=1
ENV XDG_CACHE_HOME=/app/.cache
ENV PIP_CACHE_DIR=/app/.cache/pip
ENV MPLCONFIGDIR=/app/.cache/matplotlib
ENV HF_HOME=/app/.cache/huggingface

RUN groupadd --gid 1000 appuser && \
    useradd --uid 1000 --gid 1000 --create-home --shell /bin/bash appuser

RUN apt-get update && apt-get install -y --no-install-recommends \
    ffmpeg \
    latexmk \
    texlive-full \
    dvisvgm \
    libcairo2-dev \
    pkg-config \
    libpango1.0-dev \
    curl \
    build-essential \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

WORKDIR /app

COPY --chown=appuser:appuser requirements.txt .

# Install Python dependencies as root (some might need system access)
# but use the user-writable pip cache dir
RUN pip install --no-cache-dir --upgrade pip && \
    pip install --no-cache-dir -r requirements.txt

RUN python -m spacy download en_core_web_sm

COPY --chown=appuser:appuser src/ ./src/

RUN mkdir -p /app/.cache/pip /app/.cache/matplotlib /app/.cache/huggingface \
             media/videos/generated_video/1080p60 media/Tex media/texts media/images && \
    chown -R appuser:appuser /app

USER appuser

EXPOSE 7860

HEALTHCHECK --interval=15s --timeout=5s --start-period=30s \
  CMD curl --fail http://localhost:7860/_stcore/health || exit 1

# Pass GEMINI_API_KEY as an environment variable during `docker run`
# Example: docker run -p 7860:7860 -e GEMINI_API_KEY='your_api_key' manimator-image
CMD ["streamlit", "run", "src/app.py", "--server.port=7860", "--server.address=0.0.0.0"]