# ---- Base ----
FROM node:22-slim AS base
RUN corepack enable && corepack prepare pnpm@10.27.0 --activate
WORKDIR /app

# ---- Dependencies ----
# Use node-linker=hoisted so pnpm creates flat node_modules (no symlinks).
# This ensures standalone output has real files, not broken pnpm symlinks.
FROM base AS deps
RUN echo "node-linker=hoisted" > .npmrc
COPY pnpm-lock.yaml pnpm-workspace.yaml package.json turbo.json ./
COPY apps/web/package.json apps/web/
RUN pnpm install --frozen-lockfile --filter @goodgo/web...

# ---- Build ----
FROM base AS build
COPY --from=deps /app/.npmrc ./
COPY --from=deps /app/node_modules ./node_modules
COPY --from=deps /app/apps/web/node_modules ./apps/web/node_modules 2>/dev/null || true
COPY tsconfig.base.json ./
COPY apps/web/ apps/web/
RUN cd apps/web && npx next build

# ---- Production ----
FROM node:22-slim AS production
RUN apt-get update && apt-get install -y --no-install-recommends dumb-init && rm -rf /var/lib/apt/lists/*
WORKDIR /app

ENV NODE_ENV=production
ENV NEXT_TELEMETRY_DISABLED=1
ENV HOSTNAME=0.0.0.0
ENV PORT=3000

# With hoisted node_modules, standalone output has real files (no symlinks)
COPY --from=build --chown=node:node /app/apps/web/.next/standalone/node_modules ./node_modules
COPY --from=build --chown=node:node /app/apps/web/.next/standalone/apps/web/server.js ./server.js
COPY --from=build --chown=node:node /app/apps/web/.next/standalone/apps/web/.next ./.next
COPY --from=build --chown=node:node /app/apps/web/.next/static ./.next/static
COPY --from=build --chown=node:node /app/apps/web/public ./public

EXPOSE 3000

HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
    CMD node -e "fetch('http://localhost:3000/api/health').then(r => { if (!r.ok) throw 1 }).catch(() => { process.exit(1) })"

USER node

ENTRYPOINT ["dumb-init", "--"]
CMD ["node", "server.js"]
