Spaces:

MWasil
/

customer-support-agent-space

Running

customer-support-agent-space / Dockerfile

Mohammad Wasil

final update

e1550b3 1 day ago

2.88 kB

	FROM python:3.10.9-slim

	ENV PYTHONUNBUFFERED=1
	ENV DEBIAN_FRONTEND=noninteractive

	# -------------------------
	# System dependencies
	# -------------------------
	RUN apt-get update && apt-get install -y \
	curl \
	ca-certificates \
	gnupg \
	&& rm -rf /var/lib/apt/lists/*

	# -------------------------
	# Grafana APT repository (REQUIRED)
	# -------------------------
	RUN mkdir -p /usr/share/keyrings \
	&& curl -fsSL https://apt.grafana.com/gpg.key \
	\| gpg --dearmor -o /usr/share/keyrings/grafana.gpg \
	&& echo "deb [signed-by=/usr/share/keyrings/grafana.gpg] https://apt.grafana.com stable main" \
	> /etc/apt/sources.list.d/grafana.list

	# -------------------------
	# Install Prometheus & Grafana
	# -------------------------
	RUN apt-get update && apt-get install -y \
	prometheus \
	grafana \
	&& rm -rf /var/lib/apt/lists/*

	# -------------------------
	# Non-root user (HF requirement)
	# -------------------------
	RUN useradd -m -u 1000 appuser
	WORKDIR /app

	# -------------------------
	# Python dependencies
	# -------------------------
	COPY requirements.txt .
	RUN pip install --no-cache-dir -r requirements.txt

	# -------------------------
	# Copy app
	# -------------------------
	COPY --chown=appuser:appuser . .

	# -------------------------
	# HF writable directories
	# -------------------------
	RUN mkdir -p /tmp/prometheus /tmp/grafana /tmp/chroma_db \
	&& chown -R appuser:appuser /tmp/prometheus /tmp/grafana /tmp/chroma_db \
	&& chmod -R 700 /tmp/prometheus /tmp/grafana /tmp/chroma_db

	# -------------------------
	# Grafana ENV (HF reverse proxy)
	# -------------------------
	ENV GF_SERVER_ROOT_URL=%(protocol)s://%(domain)s/grafana
	ENV GF_SERVER_SERVE_FROM_SUB_PATH=true
	ENV GF_SERVER_HTTP_PORT=3000

	ENV GF_PATHS_DATA=/tmp/grafana
	ENV GF_PATHS_LOGS=/tmp/grafana
	ENV GF_PATHS_PLUGINS=/tmp/grafana

	ENV GF_AUTH_ANONYMOUS_ENABLED=true
	ENV GF_AUTH_ANONYMOUS_ORG_ROLE=Viewer

	# -------------------------
	# Startup script (HF safe)
	# -------------------------
	RUN printf '%s\n' \
	'#!/usr/bin/env bash' \
	'set -e' \
	'echo "Starting Prometheus..."' \
	'prometheus \
	--config.file=/app/monitoring/prometheus.yml \
	--storage.tsdb.path=/tmp/prometheus \
	--storage.tsdb.retention.time=1d \
	--log.level=warn \
	--log.format=logfmt &' \
	'' \
	'echo "Starting Grafana..."' \
	'/usr/sbin/grafana-server --homepath=/usr/share/grafana &' \
	'' \
	'echo "Waiting for Grafana..."' \
	'until curl -sf http://127.0.0.1:3000/api/health; do sleep 1; done' \
	'' \
	'echo "Starting FastAPI..."' \
	'exec python -m uvicorn main:app --host 0.0.0.0 --port 7860' \
	> /app/start.sh \
	&& chown appuser:appuser /app/start.sh \
	&& chmod +x /app/start.sh

	# -------------------------
	# Runtime
	# -------------------------
	USER appuser
	EXPOSE 7860

	HEALTHCHECK --interval=60s --timeout=5s \
	CMD curl --fail http://localhost:7860/health \|\| exit 1

	CMD ["/app/start.sh"]