FROM docker.io/alpine:3.15

RUN \
    # Install OS and python runtime dependencies
    apk --no-cache add curl libbz2 libgcc libstdc++ libxml2 libxslt ncurses-libs openssl pcre readline s6 xz-libs && \
    apk --no-cache add python3 py3-pip py3-wheel && \
    ln -s /usr/bin/python3 /usr/bin/python

RUN \
    # Install Sahana Eden runtime dependencies
    apk --no-cache add ansible at geos nginx py3-dateutil py3-gdal py3-lxml py3-numpy py3-pillow py3-psycopg2 py3-requests py3-sgmllib3k py3-yaml uwsgi-python3 sudo

RUN \
    # Install build dependencies
    apk --no-cache add --virtual .deps build-base cargo freetype-dev git libffi-dev py3-numpy-dev openssl-dev python3-dev ttf-dejavu && \
    # Install web2py 2.21.2
    # See https://github.com/sahana/eden/blob/master/tests/travis/install_web2py.sh
    git clone --recursive git://github.com/web2py/web2py.git /srv/web2py && \
    git -C /srv/web2py reset --hard 31905858b && \
    git -C /srv/web2py submodule update --recursive && \
    # Symlink WSGI handler
    ln -s handlers/wsgihandler.py /srv/web2py/wsgihandler.py && \
    # Install Sahana
    git clone --recursive --depth 1 https://github.com/sahana/eden.git /srv/web2py/applications/eden && \
    # Install python dependencies, exclude old or unnecessary ones
    #  - boto, boto3 - Needed for setup on AWS
    #  - PyRTF - Ceased to exist
    #  - openstacksdk - Needed for setup on OpenStack
    sed -i 's/^boto/#boto/' /srv/web2py/applications/eden/optional_requirements.txt && \
    sed -i 's/^PyRTF/#PyRTF/' /srv/web2py/applications/eden/optional_requirements.txt && \
    sed -i 's/^openstacksdk/#openstacksdk/' /srv/web2py/applications/eden/optional_requirements.txt && \
    pip3 install -r /srv/web2py/applications/eden/optional_requirements.txt && \
    # Copy fonts with Czech glyphs
    cp /usr/share/fonts/ttf-dejavu/DejaVuSerif-Bold.ttf /srv/web2py/applications/eden/static/fonts/Helvetica-Bold.ttf && \
    cp /usr/share/fonts/ttf-dejavu/DejaVuSerif.ttf /srv/web2py/applications/eden/static/fonts/Helvetica.ttf && \
    # Hackfix paths for ansible and other modules with hardcoded paths
    ln -s /srv/web2py /home/prod && \
    # Create volume paths
    mkdir /srv/web2py/applications/eden/databases /srv/web2py/applications/eden/errors /srv/web2py/applications/eden/sessions /srv/web2py/applications/eden/uploads && \
    # Create OS user
    addgroup -S -g 8080 sahana && \
    adduser -S -u 8080 -h /srv/web2py -s /bin/false -g sahana -G sahana sahana && \
    chown -R sahana:sahana /srv/web2py && \
    # Cleanup
    apk --no-cache del .deps && \
    find /srv/web2py -name '.git*' -exec rm -rf {} + && \
    rm -r /root/.cache

COPY image.d /

RUN \
    # Change ownership of the newly copied files
    find /srv/web2py ! -user sahana -exec chown -R sahana:sahana {} +

ENTRYPOINT ["/entrypoint.sh"]
EXPOSE 8080
VOLUME ["/srv/web2py/applications/eden/databases", "/srv/web2py/applications/eden/errors", "/srv/web2py/applications/eden/sessions", "/srv/web2py/applications/eden/uploads"]