# Base Python image with correct version
FROM python:3.12-slim-bookworm AS base

# Set shared environment variables
ENV NODE_VERSION=20.11.0 \
    NODE_OPTIONS="--max_old_space_size=2048" \
    NEXT_TELEMETRY_DISABLED=1 \
    NODE_ENV=production \
    PYTHONDONTWRITEBYTECODE=1 \
    POETRY_NO_INTERACTION=1 \
    POETRY_VIRTUALENVS_CREATE=false \
    POETRY_CACHE_DIR=/cache/poetry

# Install system dependencies
RUN apt-get update && apt-get install -y \
    curl \
    git \
    gcc \
    python3-dev \
    libgmp-dev \
    libmpfr-dev \
    libmpc-dev \
    && curl -fsSL https://deb.nodesource.com/setup_20.x | bash - \
    && apt-get install -y nodejs \
    && npm install -g npm@latest \
    && rm -rf /var/lib/apt/lists/*

# Pull official images
FROM langgenius/dify-web:latest AS web
FROM langgenius/dify-api:latest AS api

# Final stage
FROM base

# Create non-root user (required by Hugging Face)
RUN useradd -m -u 1000 user

# Set up directory structure and persistent storage
WORKDIR /app
RUN mkdir -p api web /data/storage && \
    chown -R user:user /app /data

# Copy from official images instead of building
COPY --from=web --chown=user /app/web /app/web/
COPY --from=api --chown=user /app/api /app/api/


RUN pip install --no-cache-dir \
    gunicorn \
    gevent \
    grpcio \
    grpcio-tools \
    pydantic-settings \
    pydantic \
    flask \
    flask-cors \
    flask-sqlalchemy \
    flask-migrate \
    flask-login \
    flask-limiter \
    flask-restful \
    fastapi \
    uvicorn \
    python-multipart \
    python-jose[cryptography] \
    passlib[bcrypt] \
    sqlalchemy \
    psycopg2-binary \
    alembic \
    redis \
    celery \
    flower \
    pytest \
    pytest-cov \
    pytest-asyncio \
    httpx \
    PyYAML \
    python-dotenv \
    requests \
    aiohttp \
    boto3 \
    minio \
    tiktoken \
    openai \
    tenacity \
    cryptography \
    gmpy2==2.2.1 \
    transformers \
    torch \
    sentencepiece \
    protobuf \
    anthropic==0.23.1 \
    authlib==1.3.1 \
    azure-ai-inference==1.0.0b3 \
    azure-ai-ml==1.20.0 \
    azure-identity==1.16.1 \
    beautifulsoup4==4.12.2 \
    bs4==0.0.1 \
    cachetools==5.3.0 \
    chardet==5.1.0 \
    cohere==5.2.4 \
    dashscope[tokenizer]==1.17.0 \
    fal-client==0.5.6 \
    flask-compress==1.14 \
    google-ai-generativelanguage==0.6.9 \
    google-api-core==2.18.0 \
    google-api-python-client==2.90.0 \
    google-auth==2.29.0 \
    google-auth-httplib2==0.2.0 \
    google-cloud-aiplatform==1.49.0 \
    google-generativeai==0.8.1 \
    googleapis-common-protos==1.63.0 \
    huggingface-hub==0.16.4 \
    jieba==0.42.1 \
    langfuse==2.51.3 \
    langsmith==0.1.77 \
    mailchimp-transactional==1.0.50 \
    markdown==3.5.1 \
    nomic==3.1.2 \
    novita-client==0.5.7 \
    numpy==1.26.4 \
    oci==2.135.1 \
    openpyxl==3.1.5 \
    pandas[performance,excel]==2.2.2 \
    pycryptodome==3.19.1 \
    pydantic-extra-types==2.9.0 \
    pyjwt==2.8.0 \
    pypdfium2==4.17.0 \
    python-docx==1.1.0 \
    readabilipy==0.2.0 \
    redis[hiredis]==5.0.3 \
    replicate==0.22.0 \
    resend==0.7.0 \
    sagemaker==2.231.0 \
    scikit-learn==1.5.1 \
    sentry-sdk[flask]==1.44.1 \
    starlette==0.41.0 \
    tencentcloud-sdk-python-hunyuan==3.0.1158 \
    tokenizers==0.15.0 \
    unstructured[docx,epub,md,msg,ppt,pptx]==0.16.1 \
    validators==0.21.0 \
    volcengine-python-sdk[ark]==1.0.98 \
    websocket-client==1.7.0 \
    werkzeug==3.0.1 \
    xinference-client==0.15.2 \
    yarl==1.9.4 \
    youtube-transcript-api==0.6.2 \
    zhipuai==2.1.5

# Create symlink for persistent storage
RUN ln -s /data/storage /app/api/storage

# Set environment variables
ENV FLASK_APP=app.py \
    EDITION=SELF_HOSTED \
    DEPLOY_ENV=PRODUCTION \
    MODE=api \
    LOG_LEVEL=INFO \
    DEBUG=false \
    FLASK_DEBUG=false \
    SECRET_KEY=sk-9f73s3ljTXVcMT3Blb3ljTqtsKiGHXVcMT3BlbkFJLK7U \
    CONSOLE_API_URL=http://127.0.0.1:7860 \
    CONSOLE_WEB_URL=http://127.0.0.1:3000 \
    SERVICE_API_URL=http://127.0.0.1:7860 \
    APP_WEB_URL=http://127.0.0.1:3000 \
    DB_USERNAME=postgres \
    DB_PASSWORD=difyai123456 \
    DB_HOST=db \
    DB_PORT=5432 \
    DB_DATABASE=dify \
    REDIS_HOST=redis \
    REDIS_PORT=6379 \
    REDIS_PASSWORD=difyai123456 \
    HOME=/home/user \
    PATH=/home/user/.local/bin:$PATH \
    PYTHONPATH=/app/api \
    STORAGE_PATH=/data/storage

USER user
EXPOSE 7860 3000

# Create startup script
RUN echo '#!/bin/bash\n\
echo "===== Application Startup at $(date "+%Y-%m-%d %H:%M:%S") ====="\n\
echo "Starting Dify services..."\n\
cd /app/api && \
PYTHONPATH=/app/api python -m gunicorn app:app \
    --bind 0.0.0.0:7860 \
    --worker-class gevent \
    --workers 1 \
    --timeout 300 \
    --preload &\n\
echo "Starting API server on port 7860..."\n\
cd /app/web && node server.js &\n\
echo "Starting Next.js server on port 3000..."\n\
wait' > /app/entrypoint.sh && \
    chmod +x /app/entrypoint.sh

WORKDIR /app

CMD ["./entrypoint.sh"]