# Multi-stage build to produce a small runtime image

# 1) Build stage: compile the Go project
FROM golang:1.26-bookworm AS builder
WORKDIR /src

# Enable CGO off to produce a static binary for easier runtime
ENV CGO_ENABLED=0

# Cache module downloads first
COPY go.mod go.sum ./
RUN go mod download

# Copy the rest of the source code
COPY . .

# Build the binary (build the main package in the repository root)
RUN go build -o aliyunpan ./


# 2) Runtime stage: minimal Debian-based image
FROM debian:bookworm-slim

# Install CA certificates for TLS and create a non-root user
RUN apt-get update \
    && apt-get install -y --no-install-recommends ca-certificates \
    && rm -rf /var/lib/apt/lists/*

# Create app user and directories
RUN groupadd -r appuser && useradd -r -g appuser appuser
RUN mkdir -p /home/app/config /home/app/data
RUN chown -R appuser:appuser /home/app

WORKDIR /home/app

# Copy the built binary from builder
COPY --from=builder /src/aliyunpan /home/app/aliyunpan

# Expose volumes for config and data by default
VOLUME ["/home/app/config", "/home/app/data"]

# Environment: where to store config
ENV ALIYUNPAN_CONFIG_DIR=/home/app/config
ENV TZ=Asia/Shanghai

# Run as non-root user
USER appuser

# Default command
CMD ["/home/app/aliyunpan"]