# Custom PHP 8.4 Dockerfile for {{ domain_name }}
# Optimized for Custom PHP Framework
# Environment: {{ environment | upper }}

FROM php:8.4-fpm-alpine

# Build arguments
ARG PHP_VERSION="{{ php_version }}"
ARG BUILD_DATE="{{ ansible_date_time.iso8601 }}"
ARG VCS_REF="{{ ansible_hostname }}"

# Labels for container metadata
LABEL maintainer="{{ ssl_email }}" \
      org.label-schema.build-date="${BUILD_DATE}" \
      org.label-schema.vcs-ref="${VCS_REF}" \
      org.label-schema.schema-version="1.0" \
      org.label-schema.name="custom-php-framework" \
      org.label-schema.description="Custom PHP Framework with PHP 8.4" \
      org.label-schema.version="${PHP_VERSION}"

# Install system dependencies
RUN apk add --no-cache \
    # Build dependencies
    $PHPIZE_DEPS \
    autoconf \
    gcc \
    g++ \
    make \
    # Runtime dependencies
    curl-dev \
    freetype-dev \
    icu-dev \
    jpeg-dev \
    libpng-dev \
    libxml2-dev \
    libzip-dev \
    oniguruma-dev \
    openssl-dev \
    postgresql-dev \
    sqlite-dev \
    # System tools
    git \
    unzip \
    wget

# Install PHP extensions
{% for extension in php_extensions %}
RUN docker-php-ext-install {{ extension }}
{% endfor %}

# Install and configure OPcache
RUN docker-php-ext-install opcache

# Install Redis extension
RUN pecl install redis && docker-php-ext-enable redis

# Install Xdebug for development
{% if environment == 'development' %}
RUN pecl install xdebug && docker-php-ext-enable xdebug
{% endif %}

# Configure PHP
COPY php.ini /usr/local/etc/php/conf.d/99-custom.ini
COPY opcache.ini /usr/local/etc/php/conf.d/10-opcache.ini
COPY redis.ini /usr/local/etc/php/conf.d/20-redis.ini
COPY security.ini /usr/local/etc/php/conf.d/30-security.ini
COPY session.ini /usr/local/etc/php/conf.d/40-session.ini

# Configure PHP-FPM
COPY php-fpm.conf /usr/local/etc/php-fpm.d/www.conf

# Install Composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer \
    && composer --version

# Create application user
RUN addgroup -g 1000 -S www && \
    adduser -u 1000 -S www -G www

# Set up application directory
WORKDIR /var/www/html

# Set proper permissions
RUN chown -R www:www /var/www/html

# Security: Run as non-root user
USER www

# Health check
COPY health-check.sh /usr/local/bin/health-check.sh
HEALTHCHECK --interval={{ docker_health_check_interval }} \
            --timeout={{ docker_health_check_timeout }} \
            --start-period={{ docker_health_check_start_period }} \
            --retries={{ docker_health_check_retries }} \
            CMD /usr/local/bin/health-check.sh

# Expose PHP-FPM port
EXPOSE 9000

# Default command
CMD ["php-fpm"]