# syntax=docker/dockerfile:1.4
FROM rust:latest AS builder
WORKDIR /app

# Cloner sdk_common depuis le repository (branche ext)
RUN git clone -b ext https://git.4nkweb.com/4nk/sdk_common.git /sdk_common

# Copie des fichiers de sdk_relay
COPY Cargo.toml Cargo.lock ./
COPY src/ src/

# Build des dépendances
RUN cargo build --release

# ---- image finale ----
FROM debian:bookworm-slim
RUN apt-get update && apt-get upgrade -y && \
    apt-get install -y --fix-missing \
    ca-certificates curl jq git \
    net-tools iputils-ping dnsutils \
    netcat-openbsd telnet procps && \
    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

# Création d'un utilisateur non-root
RUN useradd -m -u 1000 appuser && \
    mkdir -p /app && chown -R appuser:appuser /app

COPY --from=builder /app/target/release/sdk_relay /usr/local/bin/sdk_relay
RUN chmod +x /usr/local/bin/sdk_relay && \
    chown appuser:appuser /usr/local/bin/sdk_relay

# Configuration via build arg
ARG CONF
RUN echo "$CONF" > /app/.conf && \
    chown appuser:appuser /app/.conf && \
    chmod 644 /app/.conf

# Créer le répertoire .4nk avec les bonnes permissions
RUN mkdir -p /app/.4nk && \
    chown -R appuser:appuser /app/.4nk && \
    chmod 755 /app/.4nk

WORKDIR /app
USER appuser
ENV HOME=/app

VOLUME ["/app/.4nk"]

EXPOSE 8090 8091
# Préparer le répertoire de logs interne (monté par docker-compose vers /home/debian/4NK_env/logs/sdk_relay)
USER root
RUN mkdir -p /var/log/sdk_relay && chown -R appuser:appuser /var/log/sdk_relay
USER appuser

# Rediriger stdout/stderr vers un fichier pour la centralisation par promtail
ENTRYPOINT ["/bin/sh","-c","exec sdk_relay --config /app/.conf >> /var/log/sdk_relay/stdout.log 2>&1"]