# Build and run the Flotilla web server.
#
#   docker build -t flotilla .
#   docker run -p 3000:3000 flotilla
#
# Pass --build-arg VITE_BUILD_HASH=$(git rev-parse --short HEAD) to stamp the build.
# A .env in the build context is picked up by build.sh for branding config.


# https://pnpm.io/docker#example-3-build-on-cicd
FROM node:24-bookworm-slim AS builder
ENV PNPM_HOME="/pnpm"
ENV PATH="$PNPM_HOME:$PATH"
RUN corepack enable

WORKDIR /app
ENV NODE_OPTIONS=--max_old_space_size=16384
COPY package.json pnpm-lock.yaml ./
RUN pnpm i --frozen-lockfile
COPY . .
ARG VITE_BUILD_HASH
RUN pnpm run build
RUN pnpm run build:server


FROM nginx:alpine AS production-nginx
COPY --from=builder /app/build /usr/share/nginx/html
RUN cat > /etc/nginx/conf.d/default.conf << 'EOF'
server {
    listen 3000;
    server_name _;
    root /usr/share/nginx/html;
    index index.html;
    # Enable gzip
    gzip on;
    gzip_vary on;
    gzip_min_length 1024;
    gzip_types text/plain text/css text/xml text/javascript application/javascript application/json;
    # Security headers
    add_header X-Frame-Options "SAMEORIGIN" always;
    add_header X-Content-Type-Options "nosniff" always;
    add_header X-XSS-Protection "1; mode=block" always;
    # https://gist.github.com/dukedorje/01fd7ddbfc8cdac4e02c6105d26ca7fe
    location ^~ /_app/immutable {
        # gzip_static on;
        try_files $uri =404;
        expires 1y;
        add_header Cache-Control "public, immutable";
	etag on;
	access_log off;
	expires max;
    }
    location / {
        try_files $uri $uri/ /index.html;
    }
}
EOF
EXPOSE 3000
CMD ["nginx", "-g", "daemon off;"]

FROM node:lts-slim AS production-nodejs
ENV NODE_ENV=production
WORKDIR /app
COPY --from=builder /app/build /app/build
COPY --from=builder /app/dist-server/server.js /app/server.js
EXPOSE 3000
CMD ["node", "server.js"]
