# Multi-stage build for optimized image size
FROM oven/bun:latest AS builder

WORKDIR /app

# Copy package files first for better caching
COPY package.json bun.lock ./
COPY admin-panel/package.json ./admin-panel/
COPY frontend/package.json ./frontend/

# Install dependencies
RUN bun install

# Copy source files
COPY . .

# Build frontend and admin panel
RUN bun run build:frontend && bun run build:admin

# Production stage
FROM oven/bun:latest AS runtime

WORKDIR /app

# Create non-root user for security
RUN addgroup --system --gid 1001 bunjs && \
    adduser --system --uid 1001 bunjs

# Copy built application from builder stage
COPY --from=builder --chown=bunjs:bunjs /app .

# Create necessary directories with proper permissions
RUN mkdir -p data public/podcast_audio && \
    chown -R bunjs:bunjs data public

# Switch to non-root user
USER bunjs

# Expose ports
EXPOSE 3000 3001

# Health check
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
    CMD bun -e "fetch('http://localhost:3000').then(() => process.exit(0)).catch(() => process.exit(1))"

# Start both servers with proper process management
CMD ["sh", "-c", "bun run /app/server.ts & bun run /app/admin-server.ts & wait"]