# Stage 1: Builder for Python dependencies
FROM python:3.11-slim as builder

WORKDIR /app

RUN apt-get update && apt-get install -y --no-install-recommends \
    build-essential \
    python3-dev \
    && rm -rf /var/lib/apt/lists/*

COPY requirements.txt .
RUN pip install --user --no-cache-dir -r requirements.txt

# Stage 2: Runtime image
FROM python:3.11-slim

WORKDIR /app

RUN apt-get update && apt-get install -y --no-install-recommends \
    libgl1 \
    libglib2.0-0 \
    curl \
    && rm -rf /var/lib/apt/lists/*

COPY --from=builder /root/.local /root/.local

ENV PATH=/root/.local/bin:$PATH \
    PYTHONUNBUFFERED=1 \
    PYTHONPATH=/app \
    TF_CPP_MIN_LOG_LEVEL=3 \
    TF_ENABLE_ONEDNN_OPTS=0

RUN mkdir -p /app/model_cache /app/temp_models \
    && chmod -R a+rwx /app/model_cache /app/temp_models

ENV HF_HOME=/app/model_cache \
    XDG_CACHE_HOME=/app/model_cache \
    TEMP_MODEL_DIR=/app/temp_models

COPY . .

# Hugging Face requires port 7860
EXPOSE 7860

HEALTHCHECK --interval=30s --timeout=30s --start-period=60s --retries=3 \
    CMD curl -f http://localhost:7860/status/ || exit 1

RUN useradd -m appuser \
    && chown -R appuser:appuser /app \
    && chmod -R a+rwx /app/model_cache /app/temp_models
USER appuser

CMD ["uvicorn", "API_main:app", "--host", "0.0.0.0", "--port", "7860"]