# Alpine-basiertes Image für kleinere Größe
FROM python:3.12-alpine AS base

ENV PYTHONDONTWRITEBYTECODE=1 \
    PYTHONUNBUFFERED=1 \
    PIP_NO_CACHE_DIR=1

# Systemabhängigkeiten installieren (su-exec für Rechtewechsel)
RUN apk add --no-cache ca-certificates su-exec

# Non-root user
RUN addgroup -S appgroup \
    && adduser -S -G appgroup -u 10001 appuser

WORKDIR /app

COPY requirements.txt ./
RUN pip install --no-cache-dir -r requirements.txt

COPY bot.py ./
COPY config.example.yaml ./config.example.yaml
COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint.sh
RUN chmod +x /usr/local/bin/docker-entrypoint.sh

# Datenverzeichnis
# Pre-create data dir (ownership may be adjusted again at runtime by entrypoint)
RUN mkdir -p /data
VOLUME ["/data"]

ENV DATA_DIR=/data \
    CONFIG_FILE=/app/config.yaml

ENTRYPOINT ["/usr/local/bin/docker-entrypoint.sh"]
CMD ["python", "bot.py"]