FROM alpine:3.19

LABEL maintainer="mGuard VPN Manager"
LABEL description="OpenVPN multi-server container with dynamic configuration"

# Install packages
RUN apk add --no-cache \
    openvpn \
    bash \
    curl \
    iptables \
    ip6tables \
    supervisor \
    jq

# Create directories
RUN mkdir -p \
    /etc/openvpn/servers \
    /etc/openvpn/scripts \
    /etc/openvpn/supervisor.d \
    /var/log/openvpn \
    /var/run/openvpn

# Copy configuration and scripts
COPY supervisord.conf /etc/supervisord.conf
COPY entrypoint.sh /entrypoint.sh
COPY scripts/ /etc/openvpn/scripts/

# Make scripts executable and create log file with proper permissions
RUN chmod +x /entrypoint.sh /etc/openvpn/scripts/*.sh && \
    touch /var/log/openvpn/clients.log && \
    chmod 666 /var/log/openvpn/clients.log

# Expose common VPN ports (actual ports depend on server configs)
# These are just defaults, actual binding happens via host network
EXPOSE 1194/udp
EXPOSE 1194/tcp
EXPOSE 443/tcp

# Volumes for persistent data
VOLUME ["/etc/openvpn", "/var/log/openvpn"]

# Environment variables
ENV API_URL="http://127.0.0.1:8000/api/internal"
ENV API_TIMEOUT="120"
ENV API_RETRY_INTERVAL="5"
ENV POLL_INTERVAL="30"

ENTRYPOINT ["/entrypoint.sh"]