FROM php:8.3-fpm

ENV DEBIAN_FRONTEND=noninteractive

# Permet d'utiliser bash au lieu de sh par défaut dans docker desktop
RUN ln -sf /bin/bash /bin/sh

# ------------------------------------------------------------------
# Paquets de base + Composer
# ------------------------------------------------------------------
RUN set -eux; \
    apt-get update; \
    apt-get upgrade -y; \
    apt-get install -y --no-install-recommends \
        curl libmemcached-dev libz-dev libpq-dev \
        libjpeg-dev libpng-dev libfreetype6-dev libssl-dev \
        libwebp-dev libxpm-dev libmcrypt-dev libonig-dev \
        libicu-dev libcurl4-openssl-dev openssh-client \
        git wget unzip zip libzip-dev ca-certificates \
        dnsutils iputils-ping vim;

# ------------------------------------------------------------------
# Core PHP Extensions
# ------------------------------------------------------------------
RUN set -eux; \
    docker-php-ext-install pdo_mysql pdo_pgsql bcmath; \
    docker-php-ext-install curl; \
    docker-php-ext-configure gd --with-jpeg --with-webp --with-xpm --with-freetype; \
    docker-php-ext-install gd; \
    docker-php-ext-configure intl; \
    docker-php-ext-install intl; \
    docker-php-ext-configure zip; \
    docker-php-ext-install zip; \
    docker-php-ext-configure pcntl; \
    docker-php-ext-install pcntl; \
    php -r 'var_dump(gd_info());'

# ------------------------------------------------------------------
# Extension Redis via PECL
# ------------------------------------------------------------------
RUN set -eux; \
    apt-get update; \
    apt-get install -y --no-install-recommends build-essential pkg-config autoconf gcc make; \
    pecl install imagick && docker-php-ext-enable imagick; \
    pecl install redis && docker-php-ext-enable redis; \
    rm -rf /tmp/pear; \
    apt-get purge -y --auto-remove build-essential pkg-config autoconf gcc make; \
    rm -rf /var/lib/apt/lists/*

# Setup SSH directory and config
RUN mkdir -p /root/.ssh && \
    chmod 700 /root/.ssh && \
    touch /root/.ssh/known_hosts && \
    chmod 644 /root/.ssh/known_hosts && \
    ssh-keyscan github.com >> /root/.ssh/known_hosts

COPY certs /usr/local/share/ca-certificates/
RUN update-ca-certificates

# Installation sécurisée de Composer
COPY --from=composer:latest /usr/bin/composer /usr/local/bin/composer
RUN chmod +x /usr/local/bin/composer