# === Stage 1: Build core.sr.ht + todo.sr.ht from source ===
# k8ieone 不提供 todo.sr.ht 镜像，需从源码构建
FROM docker.io/library/alpine:3.20 AS builder

RUN adduser -D builder
# 启用 community 仓库（py3-graphql-core 等依赖需要）
RUN echo "https://dl-cdn.alpinelinux.org/alpine/v3.20/community" >> /etc/apk/repositories
RUN apk add git alpine-sdk sudo nodejs npm go sassc minify
RUN echo "builder ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/builder \
    && chmod 0440 /etc/sudoers.d/builder
RUN sudo -u builder abuild-keygen -a -i -n
RUN addgroup builder abuild

RUN git clone https://git.sr.ht/~sircmpwn/sr.ht-apkbuilds
RUN chown -R builder:builder /sr.ht-apkbuilds

# --- core.sr.ht 依赖 ---
WORKDIR /sr.ht-apkbuilds/sr.ht/py3-mistletoe
RUN sudo -u builder abuild -r -K
WORKDIR /sr.ht-apkbuilds/sr.ht/py3-celery
RUN sudo -u builder abuild -r -K
WORKDIR /sr.ht-apkbuilds/sr.ht/py3-infinity
RUN sudo -u builder abuild -r -K
WORKDIR /sr.ht-apkbuilds/sr.ht/py3-intervals
RUN sudo -u builder abuild -r -K
WORKDIR /sr.ht-apkbuilds/sr.ht/py3-orderedmultidict
RUN sudo -u builder abuild -r -K
WORKDIR /sr.ht-apkbuilds/sr.ht/py3-furl
RUN sudo -u builder abuild -r -K

# --- core.sr.ht（同时产出 core.sr.ht-dev、py3-srht 子包）---
WORKDIR /sr.ht-apkbuilds/sr.ht/core.sr.ht
RUN sudo -u builder abuild checksum
RUN sudo -u builder abuild -r -K

# --- todo.sr.ht 额外构建依赖 ---
# py3-graphql-core 在 Alpine 3.20 不存在，从 edge 安装
RUN apk add --repository https://dl-cdn.alpinelinux.org/alpine/edge/community py3-graphql-core
WORKDIR /sr.ht-apkbuilds/sr.ht/py3-autoflake
RUN sudo -u builder abuild -r -K
WORKDIR /sr.ht-apkbuilds/sr.ht/ariadne-codegen
# Alpine 3.20 的 hatchling 太旧，不支持新版 license-files 格式
RUN apk add py3-pip && pip3 install --break-system-packages hatchling --upgrade
RUN sudo -u builder abuild -r -K
WORKDIR /sr.ht-apkbuilds/sr.ht/sourcehut-migrate
RUN sudo -u builder abuild -r -K

# --- todo.sr.ht ---
WORKDIR /sr.ht-apkbuilds/sr.ht/todo.sr.ht
RUN sudo -u builder abuild checksum
RUN sudo -u builder abuild -r -K


# === Stage 2: Runner ===
FROM docker.io/library/alpine:3.20

RUN echo "https://dl-cdn.alpinelinux.org/alpine/v3.20/community" >> /etc/apk/repositories

COPY --from=builder /home/builder/packages /home/builder/packages
COPY --from=builder /etc/apk/keys/builder* /etc/apk/keys/

RUN apk add --repository /home/builder/packages/sr.ht todo.sr.ht
RUN apk add nginx sudo py3-alembic py3-pip
# celery 5.5.3 需要 kombu >= 5.4，Alpine 3.20 只有 5.3.7
RUN pip3 install --break-system-packages 'kombu>=5.4'

# core.sr.ht 0.78.6 重命名了部分 API，todo.sr.ht 0.77.5 仍使用旧名
COPY compat_oauth.py /tmp/compat_oauth.py
RUN python3 /tmp/compat_oauth.py && rm /tmp/compat_oauth.py

RUN adduser -D srht

# --- Jinja2 修复 ---
COPY fix_jinja2_do.py /tmp/fix_jinja2_do.py
RUN python3 /tmp/fix_jinja2_do.py && rm /tmp/fix_jinja2_do.py

# 创建 nginx 静态文件符号链接（适配 Python 版本）
RUN PYVER=$(python3 -c 'import sys; print(f"{sys.version_info.major}.{sys.version_info.minor}")') \
    && ln -sf /usr/lib/python${PYVER}/site-packages/todosrht /srv/todosrht

COPY start.sh /start.sh
COPY nginx.conf /etc/nginx/http.d/default.conf

CMD ["/bin/sh", "/start.sh"]