# Use the official Playwright image with browsers preinstalled
FROM mcr.microsoft.com/playwright/python:v1.45.0-jammy

# Create a non-root user (the base image already has pwuser, we'll keep it)
USER root

# System deps (whois, dig, etc. — handy for later stages)
RUN apt-get update \ 
    && apt-get install -y --no-install-recommends \
       whois dnsutils iputils-ping ca-certificates \
    && rm -rf /var/lib/apt/lists/*

WORKDIR /app

# Copy requirements first to leverage Docker layer caching
COPY requirements.txt ./
RUN pip install --no-cache-dir -r requirements.txt

# Copy application code (the double app is needed because the app folder needs to be inside the app folder)
COPY app/ /app/app/

COPY entrypoint.sh ./entrypoint.sh
RUN chmod +x /app/entrypoint.sh

# Create data dir for screenshots/artifacts
RUN mkdir -p /data && chown -R pwuser:pwuser /data /app

USER pwuser

# Expose port
EXPOSE 8000

# Start server
ENTRYPOINT ["/app/entrypoint.sh"]