# afaq — SFTP drop point + HTTP(S) file server (development).
#
# A chrooted, SFTP-only user drops files under uploads/; Apache serves that
# uploads/ dir as its DocumentRoot ROOT. afaq's FTP file driver connects here
# over SFTP (host "sftp", port 22) and later fetches the files back over
# http://sftp/<relative-path> — so the SFTP landing dir and the HTTP root are
# the SAME directory. Ubuntu 22.04 mirrors the maqsurah/production behavior.
FROM ubuntu:22.04

ENV DEBIAN_FRONTEND=noninteractive

RUN apt-get update && apt-get install -y --no-install-recommends \
        openssh-server \
        openssh-sftp-server \
        apache2 \
        media-types \
        openssl \
        ca-certificates \
    && rm -rf /var/lib/apt/lists/* \
    && mkdir -p /var/run/sshd

COPY apache-site.conf /etc/apache2/sites-available/sftp-http.conf
COPY entrypoint.sh    /usr/local/bin/entrypoint.sh
RUN sed -i 's/\r$//' /usr/local/bin/entrypoint.sh \
 && chmod +x /usr/local/bin/entrypoint.sh \
 && a2enmod rewrite ssl >/dev/null \
 && a2dissite 000-default >/dev/null 2>&1 || true \
 && a2ensite sftp-http >/dev/null

# 22 = SFTP, 80/443 = HTTP/HTTPS file serving.
EXPOSE 22 80 443

ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]