FROM ghcr.io/astral-sh/uv:python3.14-bookworm-slim

WORKDIR /app

ARG APT_MIRROR="https://mirrors.ustc.edu.cn/debian"
ARG UV_INDEX_URL="https://pypi.mirrors.ustc.edu.cn/simple/"

ENV UV_INDEX_URL="${UV_INDEX_URL}" \
    PYTHONUNBUFFERED=1 \
    PYXRAY_HOST=0.0.0.0 \
    PYXRAY_PORT=8080 \
    PYXRAY_XRAY_DIR=/config/xray

RUN if [ -f /etc/apt/sources.list.d/debian.sources ]; then \
      sed -i "s|http://deb.debian.org/debian|${APT_MIRROR}|g; s|http://deb.debian.org/debian-security|${APT_MIRROR}-security|g" /etc/apt/sources.list.d/debian.sources; \
    fi \
    && if [ -f /etc/apt/sources.list ]; then \
      sed -i "s|http://deb.debian.org/debian|${APT_MIRROR}|g; s|http://security.debian.org/debian-security|${APT_MIRROR}-security|g" /etc/apt/sources.list; \
    fi \
    && apt-get update \
    && apt-get install -y --no-install-recommends \
      ca-certificates \
      curl \
      iproute2 \
      iptables \
      nftables \
      unzip \
    && rm -rf /var/lib/apt/lists/*

COPY pyproject.toml uv.lock README.md ./
COPY pyxray ./pyxray

RUN uv sync --frozen --no-dev \
    && uv pip install --python /app/.venv/bin/python gunicorn==23.0.0

RUN printf '%s\n' \
      '#!/bin/sh' \
      'set -eu' \
      'mkdir -p "$PYXRAY_XRAY_DIR"' \
      'exec /app/.venv/bin/gunicorn --bind "$PYXRAY_HOST:$PYXRAY_PORT" --workers 1 --threads 8 --timeout 120 --access-logfile - --error-logfile - "pyxray.web.server:create_app(\"$PYXRAY_XRAY_DIR\")"' \
    > /usr/local/bin/pyxray-entrypoint \
    && chmod 0755 /usr/local/bin/pyxray-entrypoint

VOLUME ["/config"]

EXPOSE 8080

HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
  CMD curl -fsS "http://127.0.0.1:${PYXRAY_PORT}/" >/dev/null || exit 1

CMD ["/usr/local/bin/pyxray-entrypoint"]
