Spaces:
Sleeping
Sleeping
fix dockerfile
Browse files- Dockerfile +13 -4
Dockerfile
CHANGED
|
@@ -5,20 +5,28 @@ COPY --from=ghcr.io/astral-sh/uv:latest /uv /uvx /bin/
|
|
| 5 |
|
| 6 |
WORKDIR /app
|
| 7 |
|
|
|
|
| 8 |
# Environment
|
|
|
|
| 9 |
ENV PYTHONUNBUFFERED=1 \
|
| 10 |
UV_COMPILE_BYTECODE=1 \
|
| 11 |
-
UV_SYSTEM_PYTHON=1
|
|
|
|
|
|
|
|
|
|
| 12 |
|
| 13 |
-
# System deps
|
| 14 |
RUN apt-get update && apt-get install -y --no-install-recommends \
|
| 15 |
build-essential \
|
| 16 |
libpq-dev \
|
| 17 |
gcc \
|
| 18 |
&& rm -rf /var/lib/apt/lists/*
|
| 19 |
|
| 20 |
-
# Create non-root user
|
| 21 |
-
RUN addgroup --system app &&
|
|
|
|
|
|
|
|
|
|
| 22 |
|
| 23 |
# Dependency layer
|
| 24 |
COPY pyproject.toml uv.lock ./
|
|
@@ -28,6 +36,7 @@ RUN uv sync --frozen
|
|
| 28 |
COPY . .
|
| 29 |
|
| 30 |
RUN chown -R app:app /app
|
|
|
|
| 31 |
USER app
|
| 32 |
|
| 33 |
EXPOSE 7860
|
|
|
|
| 5 |
|
| 6 |
WORKDIR /app
|
| 7 |
|
| 8 |
+
# -------------------------
|
| 9 |
# Environment
|
| 10 |
+
# -------------------------
|
| 11 |
ENV PYTHONUNBUFFERED=1 \
|
| 12 |
UV_COMPILE_BYTECODE=1 \
|
| 13 |
+
UV_SYSTEM_PYTHON=1 \
|
| 14 |
+
HOME=/home/app \
|
| 15 |
+
XDG_CACHE_HOME=/home/app/.cache \
|
| 16 |
+
UV_CACHE_DIR=/home/app/.cache/uv
|
| 17 |
|
| 18 |
+
# System deps
|
| 19 |
RUN apt-get update && apt-get install -y --no-install-recommends \
|
| 20 |
build-essential \
|
| 21 |
libpq-dev \
|
| 22 |
gcc \
|
| 23 |
&& rm -rf /var/lib/apt/lists/*
|
| 24 |
|
| 25 |
+
# Create non-root user WITH home directory
|
| 26 |
+
RUN addgroup --system app && \
|
| 27 |
+
adduser --system --group --home /home/app app && \
|
| 28 |
+
mkdir -p /home/app/.cache/uv && \
|
| 29 |
+
chown -R app:app /home/app
|
| 30 |
|
| 31 |
# Dependency layer
|
| 32 |
COPY pyproject.toml uv.lock ./
|
|
|
|
| 36 |
COPY . .
|
| 37 |
|
| 38 |
RUN chown -R app:app /app
|
| 39 |
+
|
| 40 |
USER app
|
| 41 |
|
| 42 |
EXPOSE 7860
|