ARG BASE_IMAGE=registry.access.redhat.com/ubi9/openjdk-17
FROM ubuntu:22.04 as fonts
RUN apt-get upgrade -y && apt-get update -y \
    && apt-get install fonts-noto -y --no-install-recommends

FROM $BASE_IMAGE
USER root

LABEL maintainer="dc-deployments@atlassian.com"
LABEL securitytxt="https://www.atlassian.com/.well-known/security.txt"

ENV APP_NAME                                        confluence
ENV RUN_USER                                        confluence
ENV RUN_GROUP                                       confluence
ENV RUN_UID                                         2002
ENV RUN_GID                                         2002
ENV CONFLUENCE_HOME                                 /var/atlassian/application-data/confluence
ENV CONFLUENCE_INSTALL_DIR                          /opt/atlassian/confluence
ENV CONFLUENCE_LOG_STDOUT                           false
ARG CONFLUENCE_VERSION
ARG DOWNLOAD_URL=https://product-downloads.atlassian.com/software/confluence/downloads/atlassian-confluence-${CONFLUENCE_VERSION}.tar.gz
ENV CONFLUENCE_VERSION                              ${CONFLUENCE_VERSION}

WORKDIR $CONFLUENCE_HOME

COPY entrypoint.py shutdown-wait.sh shared-components/image/entrypoint_helpers.py  /
COPY shared-components/support /opt/atlassian/support
COPY config/*                 /opt/atlassian/etc/
COPY --from=fonts            /usr/share/fonts/truetype/noto/ /usr/share/fonts/truetype/noto

RUN microdnf upgrade -y \
             --refresh \
             --best \
             --nodocs \
             --noplugins \
             --setopt=install_weak_deps=0 \
    && microdnf update -y \
    && microdnf install -y --setopt=install_weak_deps=0 fontconfig python3 python3-jinja2 gzip procps-ng util-linux which \
    && microdnf clean all

RUN groupadd --gid ${RUN_GID} ${RUN_GROUP} \
    && useradd --uid ${RUN_UID} --gid ${RUN_GID} --home-dir ${CONFLUENCE_HOME} --shell /bin/bash ${RUN_USER} \
    && echo PATH=$PATH > /etc/environment \
    && mkdir -p                                     ${CONFLUENCE_INSTALL_DIR} \
    && curl -fsSL ${DOWNLOAD_URL} -o /tmp/atlassian-confluence-${CONFLUENCE_VERSION}.tar.gz \
    && curl -fsSL ${DOWNLOAD_URL}.sha256 -o /tmp/atlassian-confluence-${CONFLUENCE_VERSION}.tar.gz.sha256 \
    && set -e; cd /tmp && sha256sum -c atlassian-confluence-${CONFLUENCE_VERSION}.tar.gz.sha256 \
    && tar -xf /tmp/atlassian-confluence-${CONFLUENCE_VERSION}.tar.gz --strip-components=1 -C "${CONFLUENCE_INSTALL_DIR}" \
    && rm /tmp/atlassian-confluence* \
    && chmod -R 550                                 ${CONFLUENCE_INSTALL_DIR}/ \
    && chown -R ${RUN_USER}:root                    ${CONFLUENCE_INSTALL_DIR}/ \
    && for dir in logs temp work; do \
         chmod -R 770 ${CONFLUENCE_INSTALL_DIR}/${dir}; \
       done \
    && chown -R ${RUN_USER}:${RUN_GROUP} ${CONFLUENCE_HOME} \
    && for file in "/opt/atlassian/support /entrypoint.py /entrypoint_helpers.py /shutdown-wait.sh"; do \
       chmod -R "u=rwX,g=rX,o=rX" ${file} && \
       chown -R root ${file}; done \
    && sed -i -e 's/-Xms\([0-9]\+[kmg]\) -Xmx\([0-9]\+[kmg]\)/-Xms\${JVM_MINIMUM_MEMORY:=\1} -Xmx\${JVM_MAXIMUM_MEMORY:=\2} -Dconfluence.home=\${CONFLUENCE_HOME}/g' ${CONFLUENCE_INSTALL_DIR}/bin/setenv.sh \
    && sed -i -e 's/-XX:ReservedCodeCacheSize=\([0-9]\+[kmg]\)/-XX:ReservedCodeCacheSize=${JVM_RESERVED_CODE_CACHE_SIZE:=\1}/g' ${CONFLUENCE_INSTALL_DIR}/bin/setenv.sh \
    && sed -i -e 's/export CATALINA_OPTS/CATALINA_OPTS="\${CATALINA_OPTS} \${JVM_SUPPORT_RECOMMENDED_ARGS} -DConfluenceHomeLogAppender.disabled=${CONFLUENCE_LOG_STDOUT}"\n\nexport CATALINA_OPTS/g' ${CONFLUENCE_INSTALL_DIR}/bin/setenv.sh \
    && mkdir -p ${JAVA_HOME}/lib/fonts/fallback/ \
    && ln -sf /usr/share/fonts/truetype/noto/* ${JAVA_HOME}/lib/fonts/fallback/

VOLUME ["${CONFLUENCE_HOME}"]

EXPOSE 8090
EXPOSE 8091

ENTRYPOINT ["/entrypoint.py"]