FROM node:20-alpine

WORKDIR /app

ARG NEXT_PUBLIC_API_URL=/api
ARG NEXT_PUBLIC_WS_URL=
ARG INTERNAL_API_URL=http://backend:8000
ARG BUILD_SHA=local
ARG BUILD_TIME=unknown

ENV NEXT_PUBLIC_API_URL=$NEXT_PUBLIC_API_URL
ENV NEXT_PUBLIC_WS_URL=$NEXT_PUBLIC_WS_URL
ENV INTERNAL_API_URL=$INTERNAL_API_URL
ENV BUILD_SHA=$BUILD_SHA
ENV BUILD_TIME=$BUILD_TIME
ENV NEXT_TELEMETRY_DISABLED=1

RUN corepack enable && corepack prepare pnpm@9.15.2 --activate

COPY package.json pnpm-lock.yaml ./

RUN pnpm install --frozen-lockfile

COPY . .

# Build for production to generate all static files (CSS, etc.)
RUN pnpm run build

# Next.js standalone server expects static assets under .next/standalone/.next/static
# Also copy i18n messages for runtime locale loading
RUN mkdir -p .next/standalone/.next \
  && cp -r .next/static .next/standalone/.next/static \
  && cp -r public .next/standalone/public \
  && cp -r messages .next/standalone/messages

# Create non-root user for security (required by k8s runAsNonRoot)
RUN addgroup -g 1001 -S nodejs && adduser -S nextjs -u 1001 -G nodejs
# ISR cache needs to be writable at runtime for on-demand revalidation
RUN mkdir -p /app/.next/cache && chown -R nextjs:nodejs /app/.next
USER 1001

EXPOSE 3000

# Run the Next.js production server (standalone output)
CMD ["node", ".next/standalone/server.js"]
