FROM python:3.11-slim

# --- Build arguments for user mapping ---
ARG USERNAME=appuser
ARG UID=1000
ARG GID=1000

# --- Install system dependencies ---
RUN apt-get update && \
    apt-get install -y --no-install-recommends \
    build-essential \
    libpq-dev \
    curl \
    && rm -rf /var/lib/apt/lists/*

# --- Create user and group matching host ---
RUN groupadd -g $GID $USERNAME && \
    useradd -m -u $UID -g $GID $USERNAME

WORKDIR /app

# --- Install Python dependencies ---
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

# --- Copy project code ---
COPY . .

# --- Use non-root user ---
USER $USERNAME

# --- Entrypoint is set via docker-compose.yml ---
# For dev: migrations and runserver will be run by the Compose command