# syntax=docker/dockerfile:1

FROM golang:1.26-bookworm AS builder

ARG VERSION=dev
WORKDIR /src

# Fetch internal gitea-hosted Go modules (mcp-chassis) without going through
# proxy.golang.org and without HTTP→HTTPS surprises. The Gitea server returns
# http:// in its go-import meta tag (config-level limitation), so rewrite to
# https here and bypass the module proxy + sumdb.
RUN git config --global url."https://gitea.d-ma.be/".insteadOf "http://gitea.d-ma.be/"
ENV GOPRIVATE=gitea.d-ma.be
ENV GOPROXY=direct
ENV GOSUMDB=off

COPY go.mod go.sum ./
RUN go mod download

COPY . .
RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 \
    go build -trimpath -ldflags="-s -w" \
    -o /out/ingestion ./cmd/server

FROM alpine:3.21

RUN apk add --no-cache poppler-utils

COPY --from=builder /out/ingestion /usr/local/bin/ingestion

RUN addgroup -S ingestion && adduser -S -G ingestion ingestion

WORKDIR /app

# brain/ is writable state — mount a PersistentVolume here
VOLUME /app/brain

ENV INGEST_BRAIN_DIR=/app/brain
ENV INGEST_PORT=3300

USER ingestion

EXPOSE 3300

ENTRYPOINT ["/usr/local/bin/ingestion"]
