# Start from a stable Python base image
FROM python:3.13-slim-bookworm

# Use ARG for versions to easily update them
ARG NEO4J_VERSION=5.15.0

# Set Environment Variables
ENV JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64 \
    NEO4J_HOME=/neo4j \
    PATH="$PATH:/neo4j/bin"

# Install system dependencies as root
# Using --no-install-recommends to keep the image smaller
RUN apt-get update && \
    apt-get install -y --no-install-recommends \
    git \
    curl \
    openjdk-17-jre-headless \
    nginx \
    netcat-traditional \
    unzip \
    && rm -rf /var/lib/apt/lists/*

# Download and install Neo4j Community Edition as root
RUN curl -fsSL "https://dist.neo4j.org/neo4j-community-${NEO4J_VERSION}-unix.tar.gz" -o neo4j.tar.gz && \
    tar -xzf neo4j.tar.gz -C / && \
    mv "/neo4j-community-${NEO4J_VERSION}" "${NEO4J_HOME}" && \
    rm neo4j.tar.gz

# Create plugins directory and download the APOC plugin
RUN mkdir -p ${NEO4J_HOME}/plugins
RUN curl -fsSL "https://github.com/neo4j/apoc/releases/download/${NEO4J_VERSION}/apoc-${NEO4J_VERSION}-core.jar" -o "${NEO4J_HOME}/plugins/apoc.jar"

# Set the working directory
WORKDIR /app

# Clone the project repository.
RUN git clone https://github.com/bhuvanmdev/graph-rag-agent.git /app

# Install Python dependencies before creating the non-root user
RUN pip install --no-cache-dir --upgrade pip && \
    pip install --no-cache-dir -r requirements.txt

# === Correct Neo4j Configuration ===
# Create directories first, then configure Neo4j to use them.
RUN mkdir -p /app/neo4j_data /app/neo4j_logs
RUN sed -i 's/#server.default_listen_address=127.0.0.1/server.default_listen_address=0.0.0.0/' ${NEO4J_HOME}/conf/neo4j.conf && \
    echo 'dbms.security.procedures.unrestricted=apoc.*' >> ${NEO4J_HOME}/conf/neo4j.conf

# === Correctly Prepare and Place Data ===
# The neo4j_data.zip file should be in the same directory as your Dockerfile
COPY neo4j_data.zip /app/neo4j_data.zip
# Unzip the data into a temporary directory first to inspect its structure
RUN mkdir -p /app/temp_unzip && unzip /app/neo4j_data.zip -d /app/temp_unzip
# Move the contents to the OFFICIAL Neo4j data and logs directories
RUN mv /app/temp_unzip/neo4j_data/* ${NEO4J_HOME}/data/ && \
    mv /app/temp_unzip/neo4j_logs/* ${NEO4J_HOME}/logs/ && \
    rm -rf /app/temp_unzip /app/neo4j_data.zip

# Create a non-root user
RUN useradd -m -u 1000 user

# Set Final Permissions for Neo4j and the app directory
RUN chown -R user:user /app ${NEO4J_HOME}

# Make the startup script executable
RUN chmod +x /app/scripts/run_hf.sh

# Switch to the non-root user
USER user

# Expose the Gradio port
EXPOSE 7860


# Entrypoint to start services
ENTRYPOINT ["/app/scripts/run_hf.sh"]