# 使用 Node.js 作为基础镜像（因为 Gemini CLI 依赖较多）
FROM node:20-slim

# 安装必要依赖
RUN apt-get update && apt-get install -y python3 python3-pip curl wget supervisor && rm -rf /var/lib/apt/lists/*

# 安装 cloudflared
RUN curl -L --output cloudflared.deb https://github.com/cloudflare/cloudflared/releases/latest/download/cloudflared-linux-amd64.deb && \
    dpkg -i cloudflared.deb && rm cloudflared.deb

# 确保工作目录存在并属于 UID 1000
RUN mkdir -p /home/user/app && chown -R 1000:1000 /home/user/app

# 1. 先以 root 身份创建目录并洗一遍权限
USER root
RUN mkdir -p /home/user/app && \
    chown -R 1000:1000 /home/user && \
    chmod -R 755 /home/user

# 直接切换到已存在的 UID 1000 用户
USER 1000

ENV HOME=/home/user \
    PATH=/home/user/.local/bin:$PATH

WORKDIR /home/user/app

# 关键：先确保文件存在再 COPY
COPY --chown=user . .

# 安装 Flask
RUN pip3 install flask --break-system-packages --no-cache-dir

# 暴露 HF 要求的端口
EXPOSE 7860

# 启动 supervisor
CMD ["/usr/bin/supervisord", "-c", "supervisord.conf"]