# Build stage
FROM alpine:3.22 AS builder

# Install build dependencies
RUN apk add --no-cache \
    gcc \
    musl-dev \
    make \
    openldap-dev \
    yaml-dev

# Set working directory
WORKDIR /build

# Copy source files
COPY *.c *.h Makefile ./

# Build the application
RUN make deps-alpine && make

# Runtime stage
FROM alpine:3.22
# Install runtime dependencies
RUN apk add --no-cache \
    libldap \
    yaml \
    ca-certificates

# Create app user
RUN addgroup -g 1000 rdpbroker && \
    adduser -D -u 1000 -G rdpbroker rdpbroker

# Create necessary directories
RUN mkdir -p /etc/rdpbroker /var/log/rdpbroker && \
    chown -R rdpbroker:rdpbroker /etc/rdpbroker /var/log/rdpbroker

# Copy binary from builder
COPY --from=builder /build/bin/rdpbroker /usr/local/bin/rdpbroker

# Set permissions
RUN chmod +x /usr/local/bin/rdpbroker

# Switch to non-root user
USER rdpbroker

# Expose RDP port
EXPOSE 3389

# Set entrypoint
ENTRYPOINT ["/usr/local/bin/rdpbroker"]