FROM python:3.9-slim

WORKDIR /app

# Install system dependencies
RUN apt-get update && apt-get install -y \
    libgl1-mesa-glx \
    libglib2.0-0 \
    libsm6 \
    libxext6 \
    libxrender-dev \
    libgomp1 \
    wget \
    && rm -rf /var/lib/apt/lists/*

# Copy the requirements file and install Python packages
COPY requirements.txt ./
RUN pip3 install --no-cache-dir -r requirements.txt

# Copy ALL your application files from the root into the container's /app directory
COPY . .

# --- FIXED: Ensure model file exists ---
# If you need to download the model, uncomment the next line:
# RUN wget -O best.pt "YOUR_MODEL_DOWNLOAD_URL"

# --- User and Permission Setup ---
# Create a group and user
RUN groupadd --system appuser && useradd --system --gid appuser appuser

# Change ownership of the entire app directory to the user
RUN chown -R appuser:appuser /app

# Set the HOME environment variable for the user
ENV HOME=/app

# Tell Ultralytics to use the /tmp directory for its config
ENV YOLO_CONFIG_DIR=/tmp

# --- FIXED: Set Hugging Face environment variables ---
ENV SPACE_ID=huggingface
ENV STREAMLIT_SERVER_HEADLESS=true
ENV STREAMLIT_SERVER_ENABLE_CORS=false
ENV STREAMLIT_SERVER_ENABLE_XSRF_PROTECTION=false

# Switch to the non-root user
USER appuser

# --- FIXED: Create necessary directories ---
RUN mkdir -p /tmp/streamlit

# EXPOSE port
EXPOSE 8501

# --- FIXED: Updated healthcheck ---
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
    CMD curl -f http://localhost:8501/_stcore/health || exit 1

# --- FIXED: Updated entrypoint for Hugging Face Spaces ---
ENTRYPOINT ["streamlit", "run", "streamlit_app.py", \
    "--server.port=8501", \
    "--server.address=0.0.0.0", \
    "--browser.gatherUsageStats=false", \
    "--server.headless=true", \
    "--server.enableCORS=false", \
    "--server.enableXsrfProtection=false", \
    "--server.maxUploadSize=200"]