# GeoEdu Service - Self-Hosted OSM + Terrain
# DSGVO-konform, keine externen Tile-Services
FROM python:3.11-slim-bookworm

# Build arguments
ARG TARGETARCH

# Install system dependencies for geo-processing
RUN apt-get update && apt-get install -y --no-install-recommends \
    # Build essentials
    build-essential \
    gcc \
    g++ \
    # Geo libraries
    libgdal-dev \
    gdal-bin \
    libgeos-dev \
    libproj-dev \
    # Image processing
    libpng-dev \
    libjpeg-dev \
    # Network tools
    curl \
    wget \
    # Clean up
    && rm -rf /var/lib/apt/lists/*

# Set GDAL environment variables
ENV GDAL_CONFIG=/usr/bin/gdal-config
ENV CPLUS_INCLUDE_PATH=/usr/include/gdal
ENV C_INCLUDE_PATH=/usr/include/gdal

# Create app directory
WORKDIR /app

# Create non-root user for security
RUN groupadd -r geoservice && useradd -r -g geoservice geoservice

# Create data and cache directories
RUN mkdir -p /app/data/osm /app/data/dem /app/cache/tiles /app/bundles \
    && chown -R geoservice:geoservice /app

# Copy requirements first for better caching
COPY requirements.txt .

# Install Python dependencies
RUN pip install --no-cache-dir -r requirements.txt

# Copy application code
COPY --chown=geoservice:geoservice . .

# Create __init__.py files for Python packages
RUN touch /app/api/__init__.py \
    && touch /app/services/__init__.py \
    && touch /app/models/__init__.py \
    && touch /app/utils/__init__.py

# Switch to non-root user
USER geoservice

# Expose port
EXPOSE 8088

# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
    CMD curl -f http://localhost:8088/health || exit 1

# Start application
CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "8088"]