FROM nginx:alpine

# Set up a new user named "user" with user ID 1000
RUN adduser -D -u 1000 user

# Create necessary directories with proper ownership
RUN mkdir -p /usr/share/nginx/html && \
    chown -R user:user /usr/share/nginx/html

# Switch to the "user" user for operations
USER user

# Set home to the user's home directory
ENV HOME=/home/user \
    PATH=/home/user/.local/bin:$PATH

# Set the working directory
WORKDIR $HOME/app

# Copy files with proper ownership
COPY --chown=user . $HOME/app

# Switch back to root for nginx configuration (required)
USER root

# Create default.conf for nginx to listen on port 7860 (Hugging Face's default port)
RUN echo 'server { \
    listen 7860; \
    server_name _; \
    location / { \
        root /usr/share/nginx/html; \
        index index.html; \
        try_files $uri $uri/ /index.html; \
    } \
}' > /etc/nginx/conf.d/default.conf

# Copy files from user's app directory to nginx serving directory
RUN cp -r $HOME/app/* /usr/share/nginx/html/ && \
    chmod -R 755 /usr/share/nginx/html && \
    chown -R user:user /usr/share/nginx/html

# Expose port 7860 for Hugging Face Spaces
EXPOSE 7860

# Switch back to user for running the service
USER user

# Start NGINX (with a slight modification to run as non-root)
CMD ["nginx", "-g", "daemon off;"]