FROM python:3.10-slim

ENV PYTHONUNBUFFERED=1     PYTHONDONTWRITEBYTECODE=1     DEBIAN_FRONTEND=noninteractive     TZ=Asia/Shanghai

WORKDIR /app

# 第一批：基础工具和基础依赖
RUN apt-get update && apt-get install -y \
    --no-install-recommends \
    git \
    curl \
    wget \
    vim \
    nano \
    tzdata \
    sudo \
    && rm -rf /var/lib/apt/lists/*

# 第二批：基础编译工具
RUN apt-get update && apt-get install -y \
    --no-install-recommends \
    make \
    patch \
    bzip2 \
    xz-utils \
    dpkg-dev \
    && rm -rf /var/lib/apt/lists/*

# 第三批：完整gcc工具链
RUN apt-get update && apt-get install -y \
    --no-install-recommends \
    build-essential \
    && rm -rf /var/lib/apt/lists/*

# 第四批：图形库和SSH
RUN apt-get update && apt-get install -y \
    --no-install-recommends \
    libglib2.0-0 \
    libsm6 \
    libxext6 \
    libxrender-dev \
    libgomp1 \
    openssh-server \
    && rm -rf /var/lib/apt/lists/* || true

RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone

RUN pip install --no-cache-dir --upgrade pip setuptools wheel

# 分层安装依赖：利用Docker缓存实现差分下载
# 第一层：基础依赖 - 大文件、不常变，会被长期缓存
COPY docker/requirements/requirements-base.txt .
RUN pip install --no-cache-dir -r requirements-base.txt

# 第二层：额外依赖 - 小文件、可能频繁变更，只重新下载这一层
COPY docker/requirements/requirements-extra.txt .
RUN pip install --no-cache-dir -r requirements-extra.txt

# code-server 安装：预装，自动启动
RUN curl -fsSL https://code-server.dev/install.sh | sh

RUN useradd -m -u 1000 vnpy &&     echo "vnpy ALL=(ALL) NOPASSWD:ALL" >> /etc/sudoers &&     mkdir -p /home/vnpy/.ssh &&     mkdir -p /etc/ssh &&     chown -R vnpy:vnpy /home/vnpy /app &&     chmod 700 /home/vnpy/.ssh

# 如果sshd_config不存在，生成一个默认配置
RUN if [ ! -f /etc/ssh/sshd_config ]; then 
    echo "Port 22" > /etc/ssh/sshd_config && 
    echo "PermitRootLogin no" >> /etc/ssh/sshd_config && 
    echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config && 
    echo "UsePAM yes" >> /etc/ssh/sshd_config && 
    echo "Subsystem	sftp	internal-sftp" >> /etc/ssh/sshd_config; 
    fi

# 确保配置正确
RUN sed -i 's/#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config 2>/dev/null || true && 
    sed -i 's/#PermitRootLogin prohibit-password/PermitRootLogin no/' /etc/ssh/sshd_config 2>/dev/null || true && 
    echo "vnpy:sanguo123" | chpasswd

USER vnpy

RUN mkdir -p /home/vnpy/.config/code-server &&     echo 'bind-addr: 0.0.0.0:8080' > /home/vnpy/.config/code-server/config.yaml &&     echo 'auth: password' >> /home/vnpy/.config/code-server/config.yaml &&     echo 'password: sanguo123' >> /home/vnpy/.config/code-server/config.yaml

EXPOSE 22 8000 8080 8888 2018 4102 8088

COPY --chown=vnpy:vnpy docker/entrypoint.sh /app/
RUN chmod +x /app/entrypoint.sh

COPY --chown=vnpy:vnpy scripts /app/scripts
RUN find /app/scripts -name "*.sh" -type f -exec chmod +x {} \; 
# 目录名含连字符不能做Python包，重命名为下划线
RUN if [ -d /app/scripts/backtest-service ]; then mv /app/scripts/backtest-service /app/scripts/backtest_service; fi
# 创建日志和回测结果目录
RUN mkdir -p /app/logs /app/backtest_jobs

ENTRYPOINT ["/app/entrypoint.sh"]