FROM debian:bullseye-slim

ENV NGINX_VERSION 1.20.2

# Install fpm
RUN apt update && \
    apt install -y --no-install-recommends ruby ruby-dev && \
    gem install fpm

# Copy dependencies sources folder
COPY deps /tmp/bunkerweb/deps

# Nginx
RUN apt update && \
    apt-get install gnupg2 ca-certificates -y && \
    echo "deb https://nginx.org/packages/debian/ bullseye nginx" > /etc/apt/sources.list.d/nginx.list && \
    echo "deb-src https://nginx.org/packages/debian/ bullseye nginx" >> /etc/apt/sources.list.d/nginx.list && \
    apt-key adv --keyserver keyserver.ubuntu.com --recv-keys ABF5BD827BD9BF62 && \
    apt-get update && \
    apt-get install -y --no-install-recommends nginx=${NGINX_VERSION}-1~bullseye

# Compile and install dependencies
RUN apt update && \
    apt install --no-install-recommends bash python3-pip libssl-dev git libpcre++-dev zlib1g-dev libxml2-dev libyajl-dev pkgconf libcurl4-openssl-dev libgeoip-dev liblmdb-dev apt-utils bash build-essential autoconf libtool automake g++ gcc libxml2-dev make musl-dev gnupg patch libreadline-dev libpcre3-dev libgd-dev -y && \
    mkdir -p /opt/bunkerweb/deps && \
    chmod +x /tmp/bunkerweb/deps/install.sh && \
    bash /tmp/bunkerweb/deps/install.sh && \
    mkdir /opt/bunkerweb/deps/python && \
    pip install --no-cache-dir --require-hashes --target /opt/bunkerweb/deps/python -r /tmp/bunkerweb/deps/requirements.txt

# Copy BW files
# can't exclude deps from . so we are copying everything by hand
COPY api /opt/bunkerweb/api
COPY cli /opt/bunkerweb/cli
COPY confs /opt/bunkerweb/confs
COPY core /opt/bunkerweb/core
COPY gen /opt/bunkerweb/gen
COPY helpers /opt/bunkerweb/helpers
COPY job /opt/bunkerweb/job
COPY lua /opt/bunkerweb/lua
COPY misc /opt/bunkerweb/misc
COPY utils /opt/bunkerweb/utils
COPY ui /opt/bunkerweb/ui
COPY settings.json /opt/bunkerweb/settings.json
COPY VERSION /opt/bunkerweb/VERSION

# Setup BW
RUN cp /opt/bunkerweb/helpers/bwcli /usr/local/bin && \
    mkdir /opt/bunkerweb/configs && \
    mkdir /opt/bunkerweb/cache && \
    mkdir /opt/bunkerweb/plugins && \
    mkdir /opt/bunkerweb/tmp && \
    find /opt/bunkerweb -path /opt/bunkerweb/deps -prune -o -type f -exec chmod 0740 {} \; && \
    find /opt/bunkerweb -path /opt/bunkerweb/deps -prune -o -type d -exec chmod 0750 {} \; && \
    chmod 770 /opt/bunkerweb/cache /opt/bunkerweb/tmp && \
    chmod 750 /opt/bunkerweb/gen/main.py /opt/bunkerweb/job/main.py /opt/bunkerweb/cli/main.py /opt/bunkerweb/helpers/*.sh /usr/local/bin/bwcli /opt/bunkerweb/ui/main.py && \
    find /opt/bunkerweb/core/*/jobs/* -type f -exec chmod 750 {} \; && \
    pip install --no-cache-dir --target /opt/bunkerweb/deps/python -r /opt/bunkerweb/ui/requirements.txt

# Copy Linux files
COPY linux/variables.env /opt/bunkerweb/variables.env
COPY linux/bunkerweb-ui.env /opt/bunkerweb/bunkerweb-ui.env
COPY linux/scripts /opt/bunkerweb/scripts
COPY linux/fpm.sh /opt/fpm.sh
RUN chmod +x /opt/bunkerweb/scripts/*.sh /opt/fpm.sh
COPY linux/fpm-debian /opt/.fpm
COPY linux/bunkerweb.service /opt/bunkerweb.service
COPY linux/bunkerweb-ui.service /opt/bunkerweb-ui.service


# Generate DEB at startup
VOLUME /data
WORKDIR /opt
ENTRYPOINT ["/opt/fpm.sh", "deb"]