Dockerfile

# Use Ubuntu 22.04 as base
FROM ubuntu:22.04

# Environment setup
ENV DEBIAN_FRONTEND=noninteractive \
    PYTHONUNBUFFERED=1 \
    UVICORN_PORT=8000 \
    NEXT_PORT=3000 \
    HF_SPACES_PORT=7860 \
    POSTGRES_USER=postgres \
    POSTGRES_PASSWORD=postgres \
    POSTGRES_DB=surfsense \
    REDIS_PORT=6379

# Install system dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
    curl git build-essential libpq-dev \
    postgresql-14 postgresql-contrib-14 postgresql-server-dev-14 \
    redis-server nginx \
    python3 python3-venv python3-pip \
    ca-certificates sudo procps netcat-openbsd \
    && rm -rf /var/lib/apt/lists/*

# Install Node.js 20 (LTS) + pnpm
RUN curl -fsSL https://deb.nodesource.com/setup_20.x | bash - && \
    apt-get install -y nodejs && \
    npm install -g pnpm

# Install pgvector extension
RUN git clone https://github.com/pgvector/pgvector.git && \
    cd pgvector && make && make install && cd .. && rm -rf pgvector

# Install uv for Python dependencies
RUN curl -fsSL https://astral.sh/uv/install.sh | sh
ENV PATH="/root/.local/bin:${PATH}"
RUN which uv && uv --version

# Clone SurfSense repository
WORKDIR /app
RUN git clone https://github.com/MODSetter/SurfSense.git . && \
    git checkout main

# Properly initialize PostgreSQL
RUN rm -rf /var/lib/postgresql/14/main && \
    mkdir -p /var/lib/postgresql/14/main && \
    chown -R postgres:postgres /var/lib/postgresql && \
    su - postgres -c "/usr/lib/postgresql/14/bin/initdb -D /var/lib/postgresql/14/main"

# Configure PostgreSQL
RUN sed -i "s/#listen_addresses = 'localhost'/listen_addresses = '*'/g" /etc/postgresql/14/main/postgresql.conf && \
    echo "host all all 0.0.0.0/0 trust" >> /etc/postgresql/14/main/pg_hba.conf

# Configure Redis
RUN sed -i 's/bind 127.0.0.1/bind 0.0.0.0/' /etc/redis/redis.conf && \
    echo "protected-mode no" >> /etc/redis/redis.conf

# Configure Nginx
RUN rm /etc/nginx/sites-enabled/default
COPY nginx.conf /etc/nginx/sites-available/surfsense
RUN ln -s /etc/nginx/sites-available/surfsense /etc/nginx/sites-enabled/
RUN mkdir -p /var/www/html

# Backend setup
WORKDIR /app/surfsense_backend
RUN uv venv && \
    . .venv/bin/activate && \
    uv sync

# Backend environment configuration
RUN echo "DATABASE_URL=postgresql+asyncpg://${POSTGRES_USER}:${POSTGRES_PASSWORD}@localhost:5432/${POSTGRES_DB}" > .env && \
    echo "SECRET_KEY=$(openssl rand -hex 32)" >> .env && \
    echo "NEXT_FRONTEND_URL=https://charan5775-scense.hf.space" >> .env && \
    echo "AUTH_TYPE=LOCAL" >> .env && \
    echo "EMBEDDING_MODEL=sentence-transformers/all-MiniLM-L6-v2" >> .env && \
    echo "RERANKERS_MODEL_NAME=ms-marco-MiniLM-L-12-v2" >> .env && \
    echo "RERANKERS_MODEL_TYPE=flashrank" >> .env && \
    echo "TTS_SERVICE=local/kokoro" >> .env && \
    echo "STT_SERVICE=local/base" >> .env && \
    echo "ETL_SERVICE=DOCLING" >> .env && \
    echo "CELERY_BROKER_URL=redis://localhost:${REDIS_PORT}/0" >> .env && \
    echo "CELERY_RESULT_BACKEND=redis://localhost:${REDIS_PORT}/0" >> .env && \
    echo "REGISTRATION_ENABLED=TRUE" >> .env && \
    echo "UVICORN_HOST=0.0.0.0" >> .env && \
    echo "UVICORN_PORT=${UVICORN_PORT}" >> .env

# Frontend setup
WORKDIR /app/surfsense_web
RUN pnpm install

# Frontend environment configuration
RUN echo "NEXT_PUBLIC_FASTAPI_BACKEND_URL=https://charan5775-scense.hf.space/pi" > .env && \
    echo "NEXT_PUBLIC_FASTAPI_BACKEND_AUTH_TYPE=LOCAL" >> .env && \
    echo "NEXT_PUBLIC_ETL_SERVICE=DOCLING" >> .env

# Copy entrypoint script
COPY entrypoint.sh /app/entrypoint.sh
RUN chmod +x /app/entrypoint.sh && chmod +x /app/*.sh
RUN pip install -U langgraph

# Expose the Hugging Face public port
EXPOSE ${HF_SPACES_PORT}

# Healthcheck
HEALTHCHECK --interval=30s --timeout=30s --start-period=5s --retries=3 \
    CMD curl -f http://0.0.0.0:${HF_SPACES_PORT}/health || exit 1

# Start all services (Postgres, Redis, Backend, Frontend, Nginx)
ENTRYPOINT ["/app/entrypoint.sh"]