# 強制指定使用 bookworm (Debian 12) 基礎映像檔
FROM php:8.2-apache-bookworm

SHELL ["/bin/bash", "-o", "pipefail", "-c"]

# 1. 修正網路連線並安裝系統相依套件 (使用台灣 NCHC 鏡像站)
RUN rm -f /etc/apt/sources.list.d/debian.sources /etc/apt/sources.list && \
    printf "deb https://free.nchc.org.tw/debian bookworm main contrib non-free non-free-firmware\n\
deb https://free.nchc.org.tw/debian bookworm-updates main contrib non-free non-free-firmware\n\
deb https://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware\n" > /etc/apt/sources.list && \
    apt-get -o Acquire::https::Verify-Peer=false update && \
    apt-get install -y --no-install-recommends -o Acquire::https::Verify-Peer=false \
    ca-certificates \
    curl \
    gnupg \
    gnupg2 && \
    apt-get update && apt-get install -y --no-install-recommends \
    lsb-release \
    libfreetype6-dev \
    libjpeg62-turbo-dev \
    libpng-dev \
    libgmp-dev \
    libxml2-dev \
    libcurl4-gnutls-dev \
    libmariadb-dev-compat \
    libmariadb-dev \
    libpq-dev \
    libsqlite3-dev \
    unixodbc-dev \
    libmemcached-dev \
    zlib1g-dev \
    && rm -rf /var/lib/apt/lists/*

# 2. 安裝微軟 ODBC Driver for SQL Server
RUN curl -fsSL https://packages.microsoft.com/keys/microsoft.asc \
      | gpg --dearmor -o /usr/share/keyrings/microsoft-prod.gpg \
    && echo "deb [arch=amd64,arm64 signed-by=/usr/share/keyrings/microsoft-prod.gpg] https://packages.microsoft.com/debian/12/prod bookworm main" \
      > /etc/apt/sources.list.d/mssql-release.list \
    && apt-get update && ACCEPT_EULA=Y apt-get install -y --no-install-recommends \
      msodbcsql18 \
      mssql-tools18 \
    && rm -rf /var/lib/apt/lists/*

ENV PATH="$PATH:/opt/mssql-tools18/bin"

# 3. 安裝 PHP 內建擴充
RUN docker-php-ext-configure gd --with-freetype --with-jpeg \
    && docker-php-ext-configure gmp \
    && docker-php-ext-install -j"$(nproc)" \
      gd exif gmp mysqli pdo_mysql pdo_pgsql pgsql pdo_sqlite opcache

# 4. 安裝 PECL 擴充 (xmlrpc, sqlsrv, pdo_sqlsrv, memcached)
RUN pecl install channel://pecl.php.net/xmlrpc-1.0.0RC3 \
    && pecl install sqlsrv pdo_sqlsrv \
    && pecl install memcached \
    && docker-php-ext-enable xmlrpc sqlsrv pdo_sqlsrv memcached

# 5. SQL Server TLS workaround (修正舊版 SQL Server 連線問題)
RUN echo 'openssl_conf = default_conf' > /etc/ssl/openssl_custom.cnf \
    && echo '[default_conf]' >> /etc/ssl/openssl_custom.cnf \
    && echo 'ssl_conf = ssl_sect' >> /etc/ssl/openssl_custom.cnf \
    && echo '[ssl_sect]' >> /etc/ssl/openssl_custom.cnf \
    && echo 'system_default = system_default_sect' >> /etc/ssl/openssl_custom.cnf \
    && echo '[system_default_sect]' >> /etc/ssl/openssl_custom.cnf \
    && echo 'CipherString = DEFAULT@SECLEVEL=0' >> /etc/ssl/openssl_custom.cnf \
    && echo 'Options = UnsafeLegacyRenegotiation' >> /etc/ssl/openssl_custom.cnf

ENV OPENSSL_CONF=/etc/ssl/openssl_custom.cnf

# 6. 設定 Apache Log 獨立目錄 (不在 /var/www/html 內)
RUN mkdir -p /var/log/apache2/custom && chown -R www-data:www-data /var/log/apache2/custom

# 修改 Apache 預設站台設定，指向自定義 Log 路徑
RUN sed -i 's|${APACHE_LOG_DIR}/access.log|/var/log/apache2/custom/access.log|g' /etc/apache2/sites-available/000-default.conf && \
    sed -i 's|${APACHE_LOG_DIR}/error.log|/var/log/apache2/custom/error.log|g' /etc/apache2/sites-available/000-default.conf

WORKDIR /var/www/html

# 啟用 Apache Rewrite 模組
RUN a2enmod rewrite