Spaces:
Paused
Paused
| # Use the official Python 3.9 image | |
| FROM python:3.9 | |
| # 1. Set up system dependencies as ROOT (default) | |
| RUN apt-get update && apt-get install -y \ | |
| curl \ | |
| ca-certificates \ | |
| && rm -rf /var/lib/apt/lists/* | |
| # 2. Install cloudflared as ROOT | |
| RUN curl -fsSL https://pkg.cloudflare.com/cloudflare-public-v2.gpg \ | |
| | tee /usr/share/keyrings/cloudflare-public-v2.gpg >/dev/null && \ | |
| echo "deb [signed-by=/usr/share/keyrings/cloudflare-public-v2.gpg] https://pkg.cloudflare.com/cloudflared any main" \ | |
| | tee /etc/apt/sources.list.d/cloudflared.list && \ | |
| apt-get update && \ | |
| apt-get install -y cloudflared && \ | |
| rm -rf /var/lib/apt/lists/* | |
| # 3. Now create the user and set up the environment | |
| RUN useradd -m -u 1000 user | |
| ENV HOME=/home/user \ | |
| PATH=/home/user/.local/bin:$PATH | |
| WORKDIR $HOME/app | |
| # 4. Switch to the non-root user for app-specific tasks | |
| USER user | |
| # 5. Copy files and install Python requirements | |
| COPY --chown=user . $HOME/app | |
| RUN pip install --no-cache-dir --upgrade -r requirements.txt | |
| # Expose port | |
| EXPOSE 7860 | |
| # 6. Run the application | |
| # Note: Using '&&' instead of '&' ensures the tunnel starts before the app, | |
| # or use a shell script if you need them to run truly in parallel. | |
| CMD cloudflared tunnel run --token $CLOUDFLARED_TOKEN & python app.py |