# Hugging Face Space: single-port edge (nginx) + OpenEnv (8100) + API (8200) + static UI.
# Build from repository root: docker build -f Dockerfile.space -t polyguard-space .
# Cheap tier: use Space "CPU basic"; first boot downloads ~1.1GB model bundle.

FROM node:20-bookworm-slim AS frontend
WORKDIR /build
COPY app/ui/frontend/package.json app/ui/frontend/package-lock.json ./
RUN npm ci
COPY app/ui/frontend/ ./
ENV VITE_API_BASE=/api
RUN npm run build

FROM python:3.11-slim-bookworm
WORKDIR /app
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get install -y --no-install-recommends nginx \
    && rm -rf /var/lib/apt/lists/*

COPY requirements-space.txt /app/requirements-space.txt
RUN pip install --no-cache-dir --upgrade pip \
    && pip install --no-cache-dir torch --index-url https://download.pytorch.org/whl/cpu \
    && pip install --no-cache-dir -r /app/requirements-space.txt

COPY . /app
COPY --from=frontend /build/dist /app/static

RUN chmod +x /app/docker/space/entrypoint.sh \
    && mkdir -p /app/data /app/checkpoints/active

ENV PORT=7860
ENV POLYGUARD_ALLOW_HF_SPACE_CORS=true
ENV POLYGUARD_ENABLE_OLLAMA=false
ENV POLYGUARD_ENABLE_ACTIVE_MODEL=true
ENV POLYGUARD_HF_MODEL=Qwen/Qwen2.5-0.5B-Instruct
ENV POLYGUARD_PROVIDER_PREFERENCE=transformers
ENV POLYGUARD_ALLOW_WEB_FETCH=false
ENV POLYGUARD_DATA_DIR=/app/data
ENV PYTHONUNBUFFERED=1

EXPOSE 7860
CMD ["/app/docker/space/entrypoint.sh"]