FROM node:20-bullseye-slim

# Create app directory and set ownership to the existing 'node' user (UID 1000)
RUN mkdir -p /app && chown node:node /app
WORKDIR /app

# Switch to the non-root user
USER node

# Copy package files with correct ownership
COPY --chown=node:node frontend/package.json ./frontend/package.json
COPY --chown=node:node backend/package.json backend/package-lock.json ./backend/

RUN npm --prefix frontend install --no-audit --no-fund && npm --prefix backend ci

# Copy source code with correct ownership
COPY --chown=node:node frontend ./frontend
COPY --chown=node:node backend ./backend

# Create uploads directory so backend can serve static files
RUN mkdir -p backend/uploads

RUN npm --prefix frontend run build && npm --prefix backend run build

ENV NODE_ENV=production
ENV SPACE_PORT=7860
ENV BACKEND_INTERNAL_URL=http://127.0.0.1:3001

EXPOSE 7860

CMD ["sh", "-c", "PORT=3001 npm --prefix backend run start:prod & npm --prefix frontend run start -- -H 0.0.0.0 -p ${SPACE_PORT}"]