| FROM python:3.9 | |
| # Workdir for build steps | |
| WORKDIR /code | |
| # Install system dependencies (Run as ROOT) | |
| # This ensures we have permission to install system packages | |
| USER root | |
| RUN apt-get update && apt-get install -y \ | |
| ffmpeg \ | |
| libsm6 \ | |
| libxext6 \ | |
| && rm -rf /var/lib/apt/lists/* | |
| # Copy requirements file | |
| COPY requirements.txt /code/requirements.txt | |
| # Install Python dependencies globally (Run as ROOT) | |
| # Installing as root avoids permission issues with /home/user/.local | |
| RUN pip install --no-cache-dir --upgrade -r /code/requirements.txt | |
| # Create a non-root user (Required by Hugging Face Spaces) | |
| RUN useradd -m -u 1000 user | |
| # Switch to the non-root user for the application runtime | |
| USER user | |
| ENV HOME=/home/user \ | |
| PATH=/home/user/.local/bin:$PATH | |
| # Set working directory to the user's home/app | |
| WORKDIR $HOME/app | |
| # Copy the application code (Run as USER) | |
| # We change ownership to the user so they can read/write if needed | |
| COPY --chown=user . $HOME/app | |
| # Download models (Run as USER) | |
| # This ensures models are saved to /home/user/.u2net, which the app can read | |
| RUN python download_models.py | |
| # Expose the application port | |
| EXPOSE 7860 | |
| # Command to run the application | |
| CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "7860"] | |