# ── Stage 1: Build ────────────────────────────────────────────
FROM python:3.12-slim AS builder

WORKDIR /build
COPY pyproject.toml README.md ./
COPY src/ src/

RUN pip install --no-cache-dir build && \
    python -m build --wheel --outdir /dist

# ── Stage 2: Runtime ──────────────────────────────────────────
FROM python:3.12-slim

LABEL maintainer="wronai" \
      description="Proxym — multi-provider LLM gateway" \
      version="0.1.0"

WORKDIR /app

# System deps
RUN apt-get update && \
    apt-get install -y --no-install-recommends curl && \
    rm -rf /var/lib/apt/lists/*

# Install wheel + extras
COPY --from=builder /dist/*.whl /tmp/
RUN pip install --no-cache-dir /tmp/*.whl && rm -rf /tmp/*.whl

# Copy config
COPY docker-compose.yml /app/
COPY .env.example .env.example
COPY frontend/ /app/frontend/
RUN chown -R proxy:proxy /app/frontend/

# Non-root user
RUN id "proxy" &>/dev/null || useradd -m -s /bin/bash proxy
RUN mkdir -p /home/proxy/.config/proxym/vms /home/proxy/.local/share/proxym/images /home/proxy/.local/share/proxym/overlays && \
    chown -R proxy:proxy /home/proxy
ENV HOME=/home/proxy
USER proxy

EXPOSE 4000

HEALTHCHECK --interval=15s --timeout=5s --retries=3 \
    CMD curl -f http://localhost:4000/health || exit 1

ENTRYPOINT ["proxym", "serve"]
CMD ["--host", "0.0.0.0", "--port", "4000"]
