FROM node:22-alpine

ENV NODE_ENV=production
WORKDIR /app

COPY package.json package-lock.json ./
RUN npm ci --omit=dev && npm cache clean --force

COPY server.js ./server.js
COPY src ./src
COPY public ./public

RUN addgroup -S meme && adduser -S meme -G meme \
  && mkdir -p /data \
  && chown -R meme:meme /data /app

USER meme
EXPOSE 8080
VOLUME ["/data"]
HEALTHCHECK --interval=30s --timeout=3s --start-period=10s --retries=3 \
  CMD node -e "fetch('http://127.0.0.1:8080/healthz').then(r=>process.exit(r.ok?0:1)).catch(()=>process.exit(1))"

ENV DATA_DIR=/data
CMD ["node", "server.js"]
