FROM php:8.3-fpm-alpine

RUN apk add --no-cache nginx supervisor curl openssl tini \
    && mkdir -p /run/nginx /var/cache/nginx /var/log/nginx /run/supervisord

COPY infra/php-fpm-pool.conf /usr/local/etc/php-fpm.d/www.conf
COPY infra/supervisord.conf  /etc/supervisord.conf
COPY infra/nginx.conf        /etc/nginx/nginx.conf
COPY infra/entrypoint.sh     /entrypoint.sh
RUN chmod +x /entrypoint.sh

COPY assets             /var/www/html/assets/
COPY src                /var/www/html/src/
COPY robots.txt         /var/www/html/robots.txt
COPY sitemap.xml        /var/www/html/sitemap.xml
COPY 404.html           /var/www/html/404.html
COPY 500.html           /var/www/html/500.html

RUN chown -R www-data:www-data /var/www/html

ENV RESEND_API_KEY="" \
    FROM_EMAIL="" \
    TO_EMAIL="" \
    ALTCHA_HMAC_KEY="" \
    RATE_LIMIT_PER_IP_PER_10MIN=5 \
    TIME_MIN_SECONDS=3 \
    TRUST_PROXY=1

EXPOSE 80

HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
    CMD curl -fsS http://127.0.0.1/ > /dev/null || exit 1

ENTRYPOINT ["/entrypoint.sh", "/sbin/tini", "--"]
CMD ["/usr/bin/supervisord", "-c", "/etc/supervisord.conf", "-n"]
