# Use an official Python runtime as a parent image
FROM python:3.10-slim

# Set environment variables to prevent interactive prompts during apt-get install
ENV DEBIAN_FRONTEND=noninteractive

# Install system dependencies
RUN apt-get update && \
    (if [ -f /etc/apt/sources.list.d/debian.sources ]; then \
        echo "Modifying /etc/apt/sources.list.d/debian.sources to include contrib and non-free-firmware" && \
        sed -i -e 's/^Components: main$/Components: main contrib non-free-firmware/' \
               -e 's/^Components: main\( .*\)$/Components: main contrib non-free-firmware\1/' \
               /etc/apt/sources.list.d/debian.sources; \
     else \
        echo "/etc/apt/sources.list.d/debian.sources not found, checking /etc/apt/sources.list"; \
     fi) && \
    (if [ -f /etc/apt/sources.list ]; then \
        echo "Modifying /etc/apt/sources.list to include contrib and non-free-firmware" && \
        sed -i 's/main$/main contrib non-free-firmware/g' /etc/apt/sources.list; \
     else \
        echo "/etc/apt/sources.list not found."; \
     fi || true) && \
    apt-get update && \
    apt-get install -y --no-install-recommends \
    libgl1-mesa-glx \
    libglib2.0-0 \
    fontconfig \
    && echo "ttf-mscorefonts-installer msttcorefonts/accepted-mscorefonts-eula select true" | debconf-set-selections \
    && apt-get install -y --no-install-recommends ttf-mscorefonts-installer \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/* \
    && fc-cache -f -v

# Set the working directory
WORKDIR /app

# Create a non-root user and group
RUN groupadd -g 1000 appuser && useradd --no-log-init -u 1000 -g appuser appuser

# Copy all application files from the repository root to /app
# This means 'templates' directory, 'arial.ttf' (if you use it), etc., MUST be in your repo root.
COPY . .

# Ensure necessary directories exist and set ownership for the entire /app directory.
# 'templates' should be copied by 'COPY . .'. 'generated_images' and session dir (which is /app) need to be writable.
RUN mkdir -p ./app/generated_images && \
    chown -R appuser:appuser ./app

# Install Python dependencies
RUN pip install --no-cache-dir -r requirements.txt

# Switch to the non-root user
USER appuser

# Environment variables for secrets (set these in Hugging Face Space settings)
ENV BOT_TOKEN=""
ENV API_ID=""
ENV API_HASH=""

# Command to run the application
CMD ["python", "main.py"]