FROM docker:27-cli

# Install system dependencies, dev tools, Rust
RUN apk add --no-cache \
      bash \
      curl \
      git \
      python3 \
      make \
      build-base \
      libc-dev \
      linux-headers \
      postgresql-dev \
      nodejs \
      npm \
      redis \
      shadow \
      rust \
      cargo

# Remove rust & cargo from apk
RUN apk add --no-cache bash curl git python3 make build-base libc-dev linux-headers postgresql-dev nodejs npm redis shadow

# Install rustup and nightly Rust
RUN curl https://sh.rustup.rs -sSf | sh -s -- -y \
    && source $HOME/.cargo/env \
    && rustup install nightly \
    && rustup default nightly

# Install pnpm globally
RUN npm install -g pnpm


# --- Create non-root user ---
RUN addgroup -g 1000 appgroup && \
    adduser -D -u 1000 -G appgroup appuser

# Set working directory with correct permissions
WORKDIR /opt/firecrawl
RUN chown -R appuser:appgroup /opt/firecrawl

# Switch to non-root user
USER appuser

# Clone Firecrawl repo
RUN git clone https://github.com/NitinBot001/firecrawl.git .

# Back to project root
WORKDIR /opt/firecrawl

# Expose Firecrawl ports
EXPOSE 3002

# Default command: requires docker.sock mounted to run docker-compose
CMD ["docker-compose", "-f", "docker-compose.yaml", "up", "--build"]