FROM python:3.11-slim

WORKDIR /app

# Install dependencies
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

# Copy application
COPY main.py .
COPY .env .

# Create non-root user
RUN useradd -m -u 1000 synqed && \
    chown -R synqed:synqed /app

USER synqed

# Health check - use PORT env var
HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
    CMD python -c "import os, httpx; httpx.get(f'http://localhost:{os.getenv(\"PORT\", \"8000\")}/health')"

EXPOSE 8080

CMD uvicorn main:app --host 0.0.0.0 --port ${PORT:-8000}
