FROM wordpress:php8.2-fpm-alpine

# Install dependencies
RUN apk add --no-cache \
    bash \
    less \
    mysql-client \
    fcgi

# Install WP-CLI
RUN curl -o /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar && \
    chmod +x /usr/local/bin/wp

# Install php-fpm-healthcheck
RUN curl -o /usr/local/bin/php-fpm-healthcheck \
    https://raw.githubusercontent.com/renatomefi/php-fpm-healthcheck/master/php-fpm-healthcheck && \
    chmod +x /usr/local/bin/php-fpm-healthcheck

# Enable php-fpm status page for healthcheck
RUN echo "pm.status_path = /status" >> /usr/local/etc/php-fpm.d/zz-docker.conf

# Copy PHP upload config
COPY uploads.ini /usr/local/etc/php/conf.d/uploads.ini

# Copy extra WordPress config (loaded via WORDPRESS_CONFIG_EXTRA)
# Do NOT overwrite /usr/src/wordpress/wp-config-docker.php — that's the official
# template that defines DB constants, auth keys, table prefix, etc.
COPY wp-config-docker.php /usr/src/websitebox-config.php

# Copy child theme and mu-plugins
COPY wp-content/themes/websitebox/ /usr/src/websitebox-theme/
COPY wp-content/mu-plugins/ /usr/src/websitebox-mu-plugins/

# Copy custom entrypoint
COPY entrypoint.sh /usr/local/bin/websitebox-entrypoint.sh
RUN chmod +x /usr/local/bin/websitebox-entrypoint.sh

# Create Wordfence-compatible .user.ini and stub WAF file
# The stub prevents PHP fatal errors before Wordfence is installed;
# Wordfence will overwrite it with the real WAF during plugin activation.
RUN echo "; Wordfence PHP settings" > /usr/src/wordpress/.user.ini && \
    echo "auto_prepend_file = /var/www/html/wordfence-waf.php" >> /usr/src/wordpress/.user.ini && \
    echo "<?php // Wordfence WAF placeholder - replaced during setup" > /usr/src/wordpress/wordfence-waf.php

ENTRYPOINT ["websitebox-entrypoint.sh"]
CMD ["php-fpm"]