FROM ubuntu:22.04

ENV DEBIAN_FRONTEND=noninteractive
ENV TERM=xterm-256color
ENV NPM_CONFIG_PREFIX=/home/Draco/.npm-global
ENV PATH=$PATH:/home/Draco/.npm-global/bin

# Create sudoers.d entry, user Draco with passwordless sudo and npm global folder
RUN apt-get update && apt-get install -y sudo && \
    mkdir -p /etc/sudoers.d && \
    useradd -m -u 1000 -s /bin/bash Draco && \
    echo "Draco ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/draco && \
    chmod 440 /etc/sudoers.d/draco && \
    mkdir -p /home/Draco/.npm-global && chown -R Draco:Draco /home/Draco/.npm-global

# Install core tools
RUN apt-get install -y curl gnupg apt-transport-https ca-certificates && apt-get clean

# Add Node.js 20.x and install essential packages
RUN curl -fsSL https://deb.nodesource.com/setup_20.x | bash - && \
    apt-get install -y --no-install-recommends \
    nodejs \
    ffmpeg \
    python3 python3-pip python3-venv \
    build-essential \
    openssh-client \
    neofetch \
    git \
    wget \
    vim nano unzip zip htop \
    net-tools iputils-ping dnsutils \
    tmux screen jq \
    software-properties-common \
    sqlite3 libsqlite3-dev libssl-dev libffi-dev \
    libxml2-dev libxslt1-dev libjpeg-dev \
    zlib1g-dev libpng-dev libwebp-dev \
    pkg-config rsync lsof \
    tree mc \
    python3-dev python3-distutils python3-setuptools \
    cron aria2 telnet expect && \
    apt-get clean && rm -rf /var/lib/apt/lists/*

# Install Python packages
RUN pip3 install --no-cache-dir \
    pytelegrambotapi \
    requests \
    beautifulsoup4 \
    lxml \
    flask \
    httpx \
    aiohttp \
    schedule

# ---- Tailscale Setup ----
RUN curl -fsSL https://pkgs.tailscale.com/stable/ubuntu/jammy.noarmor.gpg | \
    tee /usr/share/keyrings/tailscale-archive-keyring.gpg > /dev/null && \
    echo "deb [signed-by=/usr/share/keyrings/tailscale-archive-keyring.gpg] https://pkgs.tailscale.com/stable/ubuntu jammy main" \
    > /etc/apt/sources.list.d/tailscale.list && \
    apt-get update && \
    apt-get install -y tailscale && \
    apt-get clean && rm -rf /var/lib/apt/lists/*

# Prepare /app directory owned by Draco
RUN mkdir -p /app && echo "Tailscale & app running..." > /app/index.html && \
    chown -R Draco:Draco /app

WORKDIR /app

USER Draco

# Start tailscaled with userspace networking, wait for socket, then up tailscale & start HTTP server
CMD tailscaled --tun=userspace-networking --socks5-server=localhost:1055 > /dev/null 2>&1 & \
    for i in $(seq 1 10); do \
      if [ -S /tmp/tailscaled.sock ]; then \
        echo "tailscaled is ready"; break; \
      fi; \
      sleep 1; \
    done; \
    tailscale up --authkey=tskey-auth-krBh6cJ4GS11CNTRL-Ys653FbsA8VzjZbm7CdD8Vy4C1iCpmh2 --ssh --netfilter-mode=off && \
    python3 -m http.server 7860