Dockerfile

# --- STAGE 1: Build Rust Backend (Nightly) ---
FROM rustlang/rust:nightly-bookworm AS backend_build
WORKDIR /app
RUN apt-get update && apt-get install -y pkg-config libssl-dev
COPY Cargo.toml ./
RUN mkdir src && echo "fn main() {}" > src/main.rs && cargo build --release
COPY src ./src
RUN touch src/main.rs && cargo build --release

# --- STAGE 2: Build React Frontend ---
FROM node:20-bookworm AS frontend_build
WORKDIR /app/frontend
COPY frontend/package*.json ./
RUN npm install
COPY frontend/ ./
RUN npm run build

# --- STAGE 3: Final Runtime (Nix + Agent) ---
FROM debian:bookworm-slim

# 1. Install system dependencies as ROOT
RUN apt-get update && apt-get install -y \
    curl xz-utils wget ca-certificates procps \
    libssl3 libasound2 libatk1.0-0 libc6 libcairo2 libcups2 \
    libdbus-1-3 libexpat1 libfontconfig1 libgbm1 libgcc1 \
    libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 \
    libnspr4 libnss3 libpango-1.0-0 libpangocairo-1.0-0 \
    libstdc++6 libx11-6 libx11-xcb1 libxcb1 libxcomposite1 \
    libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 \
    libxrandr2 libxrender1 libxss1 libxtst6 \
    && rm -rf /var/lib/apt/lists/*

# 2. Create the /nix directory as ROOT and give ownership to the HF user (1000)
RUN mkdir -m 0755 /nix && useradd -m -u 1000 user && chown user /nix

# 3. Switch to the non-root user
USER user
ENV HOME=/home/user
WORKDIR /home/user

# 4. Install Nix as the USER (it now has access to /nix)
RUN curl -L https://nixos.org/nix/install | sh -s -- --no-daemon
ENV PATH="/home/user/.nix-profile/bin:${PATH}"
ENV NIX_PATH=nixpkgs=https://github.com/NixOS/nixpkgs/archive/nixos-unstable.tar.gz

# 5. Copy built assets
COPY --from=backend_build /app/target/release/polymorphic-agent .
COPY --from=frontend_build /app/frontend/dist ./frontend/dist

# 6. Create dynamic UI folder
RUN mkdir -p ./frontend/src/dynamic

EXPOSE 7860
CMD ["./polymorphic-agent"]