# ============================================================
# ONOX Panel — Docker Image
# Geliştirme + opsiyonel production container deploy
# Base: Alpine 3.20 (küçük + güvenli)
# ============================================================

FROM alpine:3.20

# ---- Sistem paketleri ----
RUN apk add --no-cache \
    # PHP 8.2
    php82 \
    php82-fpm \
    php82-pdo \
    php82-pdo_mysql \
    php82-mysqlnd \
    php82-mbstring \
    php82-openssl \
    php82-tokenizer \
    php82-fileinfo \
    php82-curl \
    php82-gd \
    php82-intl \
    php82-zip \
    php82-xml \
    php82-bcmath \
    php82-dom \
    php82-simplexml \
    php82-xmlwriter \
    php82-xmlreader \
    php82-opcache \
    php82-redis \
    php82-ctype \
    php82-session \
    php82-json \
    php82-pcntl \
    php82-posix \
    # Web sunucu
    nginx \
    # Süreç yöneticisi
    supervisor \
    # Araçlar
    composer \
    nodejs \
    npm \
    git \
    curl \
    bash \
    shadow   # useradd/groupadd

# ---- Uygulama kullanıcısı ----
RUN addgroup -g 1000 www && adduser -u 1000 -G www -D -s /bin/sh www

# ---- Nginx konfigürasyonu ----
COPY deploy/docker/nginx.conf /etc/nginx/http.d/default.conf

# ---- PHP-FPM konfigürasyonu ----
COPY deploy/docker/php-fpm.conf /etc/php82/php-fpm.d/www.conf

# ---- Supervisor konfigürasyonu ----
COPY deploy/docker/supervisord.conf /etc/supervisord.conf

# ---- Uygulama ----
WORKDIR /var/www/html

# Önce bağımlılık dosyaları (cache katmanı optimizasyonu)
COPY composer.json composer.lock ./
RUN composer install --no-dev --optimize-autoloader --no-interaction --no-scripts

COPY package.json package-lock.json ./
RUN npm ci

# Tüm kaynak kodu kopyala
COPY . .

# NPM build (production assets)
RUN npm run build

# Composer post-install scriptleri
RUN composer run-script post-autoload-dump || true

# ---- İzinler ----
RUN chown -R www:www /var/www/html \
    && chmod -R 755 /var/www/html/storage \
    && chmod -R 755 /var/www/html/bootstrap/cache

# ---- Entrypoint ----
COPY deploy/docker/entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh

# ---- Log dizinleri ----
RUN mkdir -p /var/log/nginx /var/log/php-fpm \
    && touch /var/log/nginx/error.log /var/log/nginx/access.log

EXPOSE 80

HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
  CMD curl -f http://localhost/up || exit 1

ENTRYPOINT ["/entrypoint.sh"]
CMD ["supervisord", "-c", "/etc/supervisord.conf"]
