FROM alpine:latest

ENV NGINX_VERSION="1.13.2" \
    NGINX_OPTS="--with-http_ssl_module \
                --with-http_gzip_static_module \
                --prefix=/usr/share/nginx \
                --sbin-path=/usr/sbin/nginx \
                --conf-path=/etc/nginx/nginx.conf \
                --pid-path=/var/run/nginx.pid \
                --http-log-path=/var/log/nginx/access.log \
                --error-log-path=/var/log/nginx/error.log \
                --user=nginx \
                --group=nginx \
                --add-module=/tmp/modules/nginx_requestid-master"
COPY requirements /opt/app/requirements

RUN apk update && apk add --update --no-cache --progress \
    make \
    pcre \
    zlib \
    libpq \
    openssl \
    ca-certificates \
	python3 \
	libxml2-dev \
    py-libxml2 \
    libxml2-utils \
	libxslt-dev \
	libmagic \
	ghostscript \
	postgresql-dev \
    supervisor \
    libmemcached-dev \
    cyrus-sasl-dev \
    jpeg libpng freetype \
	bash bash-completion \
	gettext-dev \
    freetype-dev \
    libtool \
    mailcap \
    libgomp \
    jpeg-dev \
    expat \
    tcl-dev \
    tk-dev \

	&& apk add --no-cache --virtual=.build-dependencies \
		musl-dev \
        curl \
        build-base \
        ncurses-dev \
        pcre-dev \
        zlib-dev \
        libpng-dev \
        tiff-dev \
        lcms2-dev \
        libwebp-dev \
        libffi-dev \
        ttf-freefont \
        font-bh-ttf \
		python3-dev \

	&& python3 -m ensurepip \
	&& rm -r /usr/lib/python*/ensurepip \
	&& pip3 install --upgrade pip setuptools \
	&& pip3 install --no-cache-dir -r /opt/app/requirements/production.txt \

    # Add nginx group and user
    && addgroup -S nginx \
    && adduser -S nginx -G nginx \
    # Download additional nginx modules
    && mkdir -p /tmp/modules \
    && cd /tmp/modules \
    && wget -O nginx-requestid.tar.gz https://github.com/hhru/nginx_requestid/archive/master.tar.gz \
    && tar xvzf nginx-requestid.tar.gz \
    # Download and compile nginx
    && cd /tmp \
    && curl -fSL http://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz -o nginx-${NGINX_VERSION}.tar.gz \
    && tar xzvf nginx-${NGINX_VERSION}.tar.gz \
    && cd nginx-${NGINX_VERSION} \
    && ./configure ${NGINX_OPTS} \
    && make \
    && make install \

    # Delete build dependencies after use
    && cd /tmp \
	&& apk del .build-dependencies \
    && rm -rf \
        modules \
        nginx-${NGINX_VERSION} \
        nginx-${NGINX_VERSION}.tar.gz \
        /var/cache/apk/* \
        /root/.cache \

    # Security precautions
    && openssl rand -base64 32 > /opt/app/secret_key.txt \
    && echo "root:$(openssl passwd -apr1 uztOsdwP)" >> /etc/nginx/.htpasswd

#COPY . /opt/app
#VOLUME ["/opt/app/public/media"]
WORKDIR /opt/app

RUN rm -v /etc/nginx/nginx.conf
ADD /conf/nginx.conf /etc/nginx/

EXPOSE 80


CMD ["conf/docker/entrypoint_stage.sh"]