feat : Added deployable files

.dockerignore

@@ -17,8 +17,11 @@ env/
 *.egg-info/
 .pytest_cache/
 
+
 # Node
 node_modules/
+frontend/node_modules/
+frontend/dist/
 npm-debug.log
 yarn-error.log
 

Dockerfile

@@ -0,0 +1,42 @@
+# Stage 1: Build frontend
+FROM node:18-alpine AS frontend-build
+WORKDIR /build
+COPY frontend/package*.json ./frontend/
+COPY frontend/ ./
+RUN npm ci
+RUN npm run build
+
+# Stage 2: Build backend
+FROM python:3.11-slim AS backend-build
+RUN useradd -m -u 1000 user
+ENV HOME=/home/user \
+    PATH=/home/user/.local/bin:$PATH
+WORKDIR /home/user/app
+RUN apt-get update && apt-get install -y gcc && rm -rf /var/lib/apt/lists/*
+COPY backend/requirements.txt /tmp/requirements.txt
+RUN pip install --no-cache-dir -r /tmp/requirements.txt
+COPY backend/ /home/user/app
+COPY --from=frontend-build /build/dist /home/user/app/frontend_dist
+COPY backend/entrypoint.sh /home/user/app/entrypoint.sh
+RUN chmod +x /home/user/app/entrypoint.sh || true
+RUN mkdir -p /data && chmod 700 /data
+USER user
+RUN pip install --no-cache-dir --upgrade pip
+
+# Stage 3: Final image with nginx and supervisord
+FROM python:3.11-slim
+RUN apt-get update && apt-get install -y nginx supervisor gcc && rm -rf /var/lib/apt/lists/*
+RUN useradd -m -u 1000 user
+ENV HOME=/home/user \
+    PATH=/home/user/.local/bin:$PATH
+WORKDIR /home/user/app
+COPY --from=backend-build /home/user/app /home/user/app
+COPY --from=backend-build /data /data
+COPY nginx.conf /etc/nginx/nginx.conf
+COPY supervisord.conf /etc/supervisor/conf.d/supervisord.conf
+RUN chmod +x /home/user/app/entrypoint.sh || true
+RUN mkdir -p /data && chmod 700 /data
+USER user
+EXPOSE 8000 80
+ENTRYPOINT ["/home/user/app/entrypoint.sh"]
+CMD ["supervisord", "-c", "/etc/supervisor/conf.d/supervisord.conf"]

README.md

@@ -4,6 +4,7 @@ emoji: ⚡
 colorFrom: red
 colorTo: indigo
 sdk: docker
+app_port: 80
 pinned: false
 license: mit
 short_description: Semantic, shared AI project memory.

backend/Dockerfile

@@ -1,28 +1,43 @@
-# Backend Dockerfile
 FROM python:3.11-slim
 
-# Set working directory
-WORKDIR /app
+# Create a non-root user with UID 1000 (matches HF Spaces runtime)
+RUN useradd -m -u 1000 user
 
-# Install system dependencies
+# Set HOME and include user's local bin in PATH
+ENV HOME=/home/user \
+    PATH=/home/user/.local/bin:$PATH
+
+# Set working directory early to avoid permission issues
+WORKDIR $HOME/app
+
+# Install system dependencies as root
 RUN apt-get update && apt-get install -y \
     gcc \
     && rm -rf /var/lib/apt/lists/*
 
 # Copy requirements first for better caching
-COPY requirements.txt .
+COPY requirements.txt /tmp/requirements.txt
+
+# Install Python dependencies (system-wide)
+RUN pip install --no-cache-dir -r /tmp/requirements.txt
+
+# Copy the application and set ownership to 'user' at copy time to avoid expensive chowns
+COPY --chown=user:user . $HOME/app
+
+# Ensure entrypoint is executable (no-op if missing)
+RUN chmod +x $HOME/app/entrypoint.sh || true
 
-# Install Python dependencies
-RUN pip install --no-cache-dir -r requirements.txt
+# Create /data directory (runtime-mounted on HF Spaces) with safe permissions
+RUN mkdir -p /data && chmod 700 /data
 
-# Copy application code
-COPY . .
+# Switch to non-root user for subsequent steps and runtime
+USER user
 
-# Create directory for database
-RUN mkdir -p /app/data
+# Upgrade pip in user's environment
+RUN pip install --no-cache-dir --upgrade pip
 
-# Expose port
+# Expose the port and set entrypoint to prepare /data at runtime
 EXPOSE 8000
 
-# Run the application
+ENTRYPOINT ["/home/user/app/entrypoint.sh"]
 CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000"]

backend/entrypoint.sh

@@ -0,0 +1,10 @@
+#!/bin/sh
+set -e
+
+# Ensure /data exists and has safe permissions. On HF Spaces /data is mounted at runtime when
+# persistent storage is enabled. Creating it here is harmless for local runs.
+mkdir -p /data
+chmod 700 /data || true
+
+# Execute the command (or CMD) passed to the container
+exec "$@"

nginx.conf

@@ -0,0 +1,36 @@
+user  nginx;
+worker_processes  auto;
+error_log  /var/log/nginx/error.log warn;
+pid        /var/run/nginx.pid;
+
+# events block
+events {
+    worker_connections  1024;
+}
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+    sendfile        on;
+    keepalive_timeout  65;
+
+    server {
+        listen 80;
+        server_name localhost;
+
+        # Serve frontend static files
+        location / {
+            root /home/user/app/frontend_dist;
+            try_files $uri $uri/ /index.html;
+        }
+
+        # Proxy API requests to backend
+        location /api/ {
+            proxy_pass http://127.0.0.1:8000/api/;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+    }
+}

supervisord.conf

@@ -0,0 +1,14 @@
+[supervisord]
+nodaemon=true
+
+[program:nginx]
+command=/usr/sbin/nginx -g 'daemon off;'
+autostart=true
+autorestart=true
+
+[program:uvicorn]
+command=uvicorn app.main:app --host 0.0.0.0 --port 8000
+directory=/home/user/app
+autostart=true
+autorestart=true
+user=user