# ============================================ # AudioForge Backend - Production Dockerfile # ============================================ # Multi-stage build for optimized image size # Includes health checks and security best practices FROM python:3.11-slim AS base # Set environment variables ENV PYTHONUNBUFFERED=1 \ PYTHONDONTWRITEBYTECODE=1 \ PIP_NO_CACHE_DIR=1 \ PIP_DISABLE_PIP_VERSION_CHECK=1 # ============================================ # Builder Stage # ============================================ FROM base AS builder WORKDIR /build # Install build dependencies RUN apt-get update && apt-get install -y --no-install-recommends \ build-essential \ git \ curl \ && rm -rf /var/lib/apt/lists/* # Copy dependency files COPY pyproject.toml ./ # Install dependencies RUN pip install --no-cache-dir uv && \ uv pip install --system -e ".[dev]" # ============================================ # Runtime Stage # ============================================ FROM base AS runtime WORKDIR /app # Install runtime dependencies only RUN apt-get update && apt-get install -y --no-install-recommends \ ffmpeg \ libsndfile1 \ curl \ && rm -rf /var/lib/apt/lists/* \ && apt-get clean # Copy Python packages from builder COPY --from=builder /usr/local/lib/python3.11/site-packages /usr/local/lib/python3.11/site-packages COPY --from=builder /usr/local/bin /usr/local/bin # Create non-root user for security RUN groupadd -r audioforge && \ useradd -r -g audioforge -u 1000 audioforge && \ mkdir -p /app/storage/audio/{music,vocals,mixed,mastered} && \ chown -R audioforge:audioforge /app # Copy application code COPY --chown=audioforge:audioforge . . # Switch to non-root user USER audioforge # Health check HEALTHCHECK --interval=30s --timeout=10s --start-period=40s --retries=3 \ CMD curl -f http://localhost:8000/health || exit 1 # Expose port EXPOSE 8000 # Labels for metadata LABEL maintainer="AudioForge Team" \ version="1.0.0" \ description="AudioForge Backend API - Production Ready" \ org.opencontainers.image.source="https://github.com/audioforge/audioforge" # Run application with production settings CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000", "--workers", "4", "--log-level", "info"]