FROM nvidia/cuda:11.3.1-base-ubuntu20.04

ENV DEBIAN_FRONTEND=noninteractive \
    TZ=Asia/Shanghai \
    LANG=C.UTF-8 \
    LC_ALL=C.UTF-8 \
    PYTHONUNBUFFERED=1

# =====================================================
# Base system dependencies
# =====================================================
RUN rm -f /etc/apt/sources.list.d/*.list && \
    apt-get update && apt-get install -y \
    curl \
    ca-certificates \
    sudo \
    git \
    git-lfs \
    zip \
    unzip \
    wget \
    nginx \
    vim \
    jq \
    net-tools \
    lsof \
    telnet \
    htop \
    bzip2 \
    build-essential \
    software-properties-common \
    python3 \
    python3-pip \
    libx11-6 \
    libsndfile-dev \
 && rm -rf /var/lib/apt/lists/*

# =====================================================
# OpenVSCode Server
# =====================================================
ARG BUILD_DATE
ARG VERSION
ARG CODE_RELEASE

RUN \
  echo "**** install openvscode-server runtime dependencies ****" && \
  apt-get update && \
  apt-get install -y \
    libatomic1 \
    nano \
    netcat && \
  echo "**** install openvscode-server ****" && \
  if [ -z ${CODE_RELEASE+x} ]; then \
    CODE_RELEASE=$(curl -sX GET "https://api.github.com/repos/gitpod-io/openvscode-server/releases/latest" \
      | awk '/tag_name/{print $4;exit}' FS='[""]' \
      | sed 's|^openvscode-server-v||'); \
  fi && \
  mkdir -p /app/openvscode-server && \
  curl -o /tmp/openvscode-server.tar.gz -L \
    "https://github.com/gitpod-io/openvscode-server/releases/download/openvscode-server-v${CODE_RELEASE}/openvscode-server-v${CODE_RELEASE}-linux-x64.tar.gz" && \
  tar xf /tmp/openvscode-server.tar.gz \
    -C /app/openvscode-server/ \
    --strip-components=1 && \
  apt-get clean && \
  rm -rf /tmp/* /var/lib/apt/lists/* /var/tmp/*

# =====================================================
# Optional nvtop
# =====================================================
RUN add-apt-repository ppa:flexiondotorg/nvtop && \
    apt-get update && \
    apt-get install -y --no-install-recommends nvtop

# =====================================================
# Node.js + tools
# =====================================================
RUN curl -sL https://deb.nodesource.com/setup_18.x | bash - && \
    apt-get install -y nodejs && \
    npm install -g \
      configurable-http-proxy \
      tsx \
      tslab \
      http-server \
      miniflare@2

# =====================================================
# User setup
# =====================================================
WORKDIR /app

RUN adduser --disabled-password --gecos '' --shell /bin/bash user && \
    chown -R user:user /app

RUN echo "user ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/90-user

USER user

ENV HOME=/home/user

RUN mkdir -p $HOME/.cache $HOME/.config && \
    chmod -R 777 $HOME

# =====================================================
# Miniconda
# =====================================================
ENV CONDA_AUTO_UPDATE_CONDA=false \
    PATH=$HOME/miniconda/bin:$PATH \
    PYTHONPATH=$HOME/app

RUN curl -sLo ~/miniconda.sh \
    https://repo.anaconda.com/miniconda/Miniconda3-py310_23.5.2-0-Linux-x86_64.sh && \
    chmod +x ~/miniconda.sh && \
    ~/miniconda.sh -b -p ~/miniconda && \
    rm ~/miniconda.sh && \
    conda clean -ya

WORKDIR $HOME/app

# =====================================================
# ROOT SECTION
# =====================================================
USER root

COPY packages.txt /root/packages.txt

RUN apt-get update && \
    xargs -r -a /root/packages.txt apt-get install -y --no-install-recommends && \
    rm -rf /var/lib/apt/lists/*

COPY on_startup.sh /root/on_startup.sh

RUN bash /root/on_startup.sh || true

# =====================================================
# USER SECTION
# =====================================================
USER user

# =====================================================
# Python dependencies
# =====================================================
COPY requirements.txt $HOME/app/

RUN pip install --no-cache-dir --upgrade -r requirements.txt

# =====================================================
# AI AGENT LAYER
# =====================================================
COPY --chown=user app/agent $HOME/app/agent

# =====================================================
# FULL APPLICATION SOURCE
# =====================================================
COPY --chown=user . $HOME/app

WORKDIR $HOME/app

# =====================================================
# Playwright
# =====================================================
RUN pip install playwright && \
    playwright install --with-deps || true

# =====================================================
# Permissions
# =====================================================
RUN chmod +x start_server.sh || true

# =====================================================
# Runtime ENV
# =====================================================
ENV GRADIO_ALLOW_FLAGGING=never \
    GRADIO_NUM_PORTS=1 \
    GRADIO_SERVER_NAME=0.0.0.0 \
    GRADIO_THEME=huggingface \
    SYSTEM=spaces \
    SHELL=/bin/bash

EXPOSE 7860 3000

CMD ["bash", "./start_server.sh"]