FROM circulartextapp/spaceread

# Set the working directory to /app
WORKDIR /app

# Copy the current directory contents into the container at /app
COPY . /app

# Set the user ID in the environment variable USER_ID with a default value
ARG USER_ID=1000
ENV USER_ID=$USER_ID

# Set the user group in the environment variable USER_GROUP with a default value
ARG USER_GROUP=appuser
ENV USER_GROUP=$USER_GROUP

# Create the user and group if they don't already exist
RUN if [ -z "$USER_ID" ]; then \
      echo "User ID not provided. Using the default user ID 1000."; \
      USER_ID=1000; \
    fi && \
    if [ -z "$USER_GROUP" ]; then \
      echo "User group not provided. Using the default user group appuser."; \
      USER_GROUP=appuser; \
    fi && \
    if id "$USER_ID" >/dev/null 2>&1; then \
      echo "User with ID $USER_ID already exists."; \
    else \
      adduser --uid "$USER_ID" --disabled-password --gecos '' "$USER_GROUP"; \
    fi

# Set appropriate permissions for the application directory
RUN chown -R "$USER_ID:$USER_GROUP" /app && chmod -R 755 /app

# Install gosu (adjust the package manager based on your base image)
RUN apt-get update && apt-get install -y gosu && rm -rf /var/lib/apt/lists/*

# Set the entrypoint script as executable
COPY entrypoint.sh /usr/local/bin/entrypoint.sh
RUN chmod +x /usr/local/bin/entrypoint.sh

# Switch to the user for improved security
USER "$USER_ID:$USER_GROUP"

# Define the entrypoint script to handle user creation and application startup
ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]

# Default command to run if the user doesn't provide a command
CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "7860", "--reload"]