FROM python:3.9-slim

RUN apt-get update && apt-get install -y \
    build-essential \
    g++ \
    openssl \
    supervisor \
    && rm -rf /var/lib/apt/lists/*


RUN apt update \
    && apt install -y sudo \
    && apt install -y curl

WORKDIR /app

COPY requirements.txt /app/requirements.txt
RUN pip install --no-cache-dir -r /app/requirements.txt

COPY . .

RUN export FLASK_SECRET_KEY=$(openssl rand -hex 23)
RUN mkdir -p /app/bin

RUN mkdir -p /tmp/uploads
RUN chmod +x /app/background.sh
RUN chmod +x /app/bin/*

COPY /bin/* /app/bin/

RUN useradd -m ctf

RUN printf "ctf ALL=(root) NOPASSWD: /app/bin/fetcher\n" > /etc/sudoers.d/ctf-fetcher \
    && chmod 0440 /etc/sudoers.d/ctf-fetcher

RUN chmod -R 555 /app

RUN touch /tmp/logs

RUN chown -R ctf:ctf /tmp/uploads
RUN chmod 777 /tmp/logs
RUN chmod 777 /tmp/uploads
COPY entrypoint.sh /app/entrypoint.sh
RUN chmod +x /app/entrypoint.sh

COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
RUN chown -R ctf:ctf  /etc/supervisor

# USER ctf

ENTRYPOINT ["/app/entrypoint.sh"]

EXPOSE 5000