# Base image is referenced by tag only. A tag can be re-pointed upstream, so
# add an image digest (python:3.11.11-slim-bullseye@sha256:<digest>) where
# reproducible builds are required.
FROM python:3.11.11-slim-bullseye

# System packages, installed while still root.
# NOTE(review): this is a single-stage build, so everything listed here stays
# in the final image, compilers included. Only git is uninstalled again, by
# the clone step further down.
RUN apt-get update -qq \
    && apt-get -qqq install --no-install-recommends -y \
        curl \
        g++ \
        gcc \
        git \
        pkg-config \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*
# Dedicated unprivileged account for the service. UID and GID are fixed at
# 1000 (commonly the first regular user's ID) so file ownership is predictable.
RUN groupadd --system --gid 1000 libretranslate \
    && useradd --system \
        --uid 1000 \
        --gid 1000 \
        --create-home \
        --home-dir /home/libretranslate \
        --shell /bin/bash \
        libretranslate
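# Set working directory
WORKDIR /app

# Upstream ref to build from. Empty (the default) keeps the previous behaviour:
# the image contains whatever the repository's default branch points at when
# the build runs. Set it to a reviewed tag or full commit SHA, e.g.
#   docker build --build-arg LIBRETRANSLATE_REF=<commit-sha> .
# so rebuilds are reproducible and upstream changes are adopted deliberately.
ARG LIBRETRANSLATE_REF=""

# Clone the repository as root, optionally check out the pinned ref, then hand
# the tree to the service user. Uninstalling git here removes it from the final
# filesystem; the layer that installed it still holds a copy, so this does not
# reduce the image size.
RUN git clone https://github.com/LibreTranslate/LibreTranslate.git . \
    && if [ -n "${LIBRETRANSLATE_REF}" ]; then git checkout -q "${LIBRETRANSLATE_REF}"; fi \
    && chown -R libretranslate:libretranslate /app \
    && apt-get remove -y git \
    && apt-get autoremove -y \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*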
# Pre-create the directories below and give them to the service user.
# Mode 755 leaves them writable by the owner only; group and others can read
# and traverse but not write.
RUN mkdir -p \
        /app/db \
        /app/logs \
        /tmp/prometheus_data \
    && chown -R libretranslate:libretranslate \
        /app \
        /tmp/prometheus_data \
    && chmod 755 \
        /app \
        /app/db \
        /app/logs \
        /tmp/prometheus_data
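# Drop root: every later instruction, and the running container, uses the
# unprivileged account.
USER libretranslate

# Virtual environment owned by the service user. --no-cache-dir stops pip from
# writing its download cache into this layer; purging the cache in a later RUN
# would not remove it from the layer created here.
# NOTE(review): pip and wheel are unpinned, so their versions depend on when
# the image is built.
RUN python -m venv venv \
    && ./venv/bin/pip install --no-cache-dir --upgrade pip wheel

# Python dependencies, installed as the service user. Babel is installed
# first, presumably because scripts/compile_locales.py needs it before the
# project itself is installed.
# NOTE(review): gunicorn is unpinned and "pip install -e ." resolves the
# project's requirements at build time. A requirements file installed with
# pip's --require-hashes would make this step reproducible and tamper-evident.
# NOTE(review): --extra-index-url lets pip pick a candidate from either PyPI
# or the PyTorch index. Confirm that is intended for the torch install.
RUN ./venv/bin/pip install --no-cache-dir Babel==2.12.1 \
    && ./venv/bin/python scripts/compile_locales.py \
    && ./venv/bin/pip install --no-cache-dir torch==2.2.0 --extra-index-url https://download.pytorch.org/whl/cpu \
    && ./venv/bin/pip install --no-cache-dir "numpy<2" \
    && ./venv/bin/pip install --no-cache-dir -e . \
    && ./venv/bin/pip install --no-cache-dir gunicorn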
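# Write /app/wsgi.py as the service user. The module exposes app(), which
# builds the default argument namespace via app.main.get_args, overrides it
# with any keyword arguments, and returns create_app(args).
# printf emits one line per argument, so the result does not depend on whether
# the shell's echo expands "\n", and the Python indentation is explicit.
RUN printf '%s\n' \
        'from app.main import create_app' \
        '' \
        'def app(*args, **kwargs):' \
        '    import argparse' \
        '    parser = argparse.ArgumentParser()' \
        '    import app.main as main' \
        '    main.get_args(parser)' \
        '    args = parser.parse_args([])' \
        '    for k, v in kwargs.items():' \
        '        setattr(args, k, v)' \
        '    return create_app(args)' \
    > /app/wsgi.py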
# Runtime environment: the Prometheus multiprocess directory (created earlier
# and owned by the service user) plus HOME and USER for the unprivileged
# account.
ENV PROMETHEUS_MULTIPROC_DIR=/tmp/prometheus_data \
    HOME=/home/libretranslate \
    USER=libretranslate

# Service port. 7860 is outside the privileged range (below 1024), so the
# unprivileged user can bind it. EXPOSE documents the port but does not
# publish it.
EXPOSE 7860
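# Health check, run as the unprivileged user: fetch /languages from the local
# server. urlopen raises on a connection failure or HTTP error, so the probe
# exits non-zero and the container is marked unhealthy.
# Exec form avoids the /bin/sh -c wrapper. The 2 s socket timeout sits below
# Docker's 3 s limit, so a hung server makes the probe fail on its own rather
# than being killed by the runtime.
HEALTHCHECK --interval=30s --timeout=3s --start-period=40s --retries=3 \
    CMD ["./venv/bin/python", "-c", "import urllib.request; urllib.request.urlopen('http://localhost:7860/languages', timeout=2).read()"]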
# Default process: gunicorn serving wsgi:app as the unprivileged user.
# Exec form, so no shell sits between the container runtime and gunicorn.
# The server binds all interfaces on 7860 so the port is reachable from
# outside the container. Access and error logs go to the container's
# stdout/stderr ("-").
CMD ["./venv/bin/gunicorn", \
     "--workers", "3", "--bind", "0.0.0.0:7860", \
     "--timeout", "300", "--log-level", "info", \
     "--access-logfile", "-", "--error-logfile", "-", \
     "wsgi:app"]