Hugging Face's logo

Spaces:
Pawitt
/
space
Sleeping

App Files Community
Pawitt commited on
Commit
365cdd0
·
verified ·
1 Parent(s): b4b288f

Update Dockerfile

Browse files
Files changed (1) hide show
  1. Dockerfile +48 -31
Dockerfile CHANGED
@@ -1,9 +1,10 @@
1
  FROM nvidia/cuda:12.5.1-cudnn-devel-ubuntu20.04
2
 
3
  ENV DEBIAN_FRONTEND=noninteractive \
4
- TZ=Europe/Paris
5
 
6
- # Remove any third-party apt sources and install utilities
 
7
  RUN rm -f /etc/apt/sources.list.d/*.list && \
8
  apt-get update && apt-get install -y --no-install-recommends \
9
  curl \
@@ -25,28 +26,31 @@ RUN rm -f /etc/apt/sources.list.d/*.list && \
25
  software-properties-common \
26
  && rm -rf /var/lib/apt/lists/*
27
 
28
- # Add nvtop for monitoring Nvidia GPUs
29
  RUN add-apt-repository ppa:flexiondotorg/nvtop && \
30
  apt-get upgrade -y && \
31
  apt-get install -y --no-install-recommends nvtop
32
 
33
- # Install Node.js
34
  RUN curl -sL https://deb.nodesource.com/setup_21.x | bash - && \
35
  apt-get install -y nodejs && \
36
  npm install -g configurable-http-proxy
37
 
38
- # Create a non-root user
 
 
 
39
  RUN adduser --disabled-password --gecos '' --shell /bin/bash user \
40
- && usermod -aG sudo user \ # Add user to sudo group
41
- && echo "user ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/90-user \
42
- && chown -R user:user /app /home/user # Ensure ownership
 
 
43
 
44
- # Set the home directory and permissions
45
  ENV HOME=/home/user
46
  RUN mkdir $HOME/.cache $HOME/.config \
47
  && chmod -R 777 $HOME
48
 
49
- # Install Miniconda for the user
50
  ENV CONDA_AUTO_UPDATE_CONDA=false \
51
  PATH=$HOME/miniconda/bin:$PATH
52
  RUN curl -sLo ~/miniconda.sh https://repo.continuum.io/miniconda/Miniconda3-py39_4.10.3-Linux-x86_64.sh \
@@ -55,36 +59,49 @@ RUN curl -sLo ~/miniconda.sh https://repo.continuum.io/miniconda/Miniconda3-py39
55
  && rm ~/miniconda.sh \
56
  && conda clean -ya
57
 
58
- # Set up application folder
59
  WORKDIR $HOME/app
60
 
61
- # Copy any necessary files and set ownership
62
- COPY --chown=user . $HOME/app
 
63
 
64
- # Make the start script executable
65
- RUN chmod +x start_server.sh
66
 
67
- # Replace the login.html file
68
- COPY --chown=user login.html /home/user/miniconda/lib/python3.9/site-packages/jupyter_server/templates/login.html
 
 
 
 
69
 
70
- # Set environment variables for Gradio
71
- ENV PYTHONUNBUFFERED=1 \
72
- GRADIO_ALLOW_FLAGGING=never \
73
- GRADIO_NUM_PORTS=1 \
74
- GRADIO_SERVER_NAME=0.0.0.0 \
75
- GRADIO_THEME=huggingface \
76
- SYSTEM=spaces \
77
- SHELL=/bin/bash
78
 
79
- # Ensure the user has proper permissions
80
- RUN chown -R user:user /data /app /home/user
81
 
82
- # Switch to the non-root user
83
- USER user
 
 
 
84
 
85
- # Install Python dependencies
86
  RUN --mount=target=requirements.txt,source=requirements.txt \
87
  pip install --no-cache-dir --upgrade -r requirements.txt
88
 
89
- # Start the server
 
 
 
 
 
 
 
 
 
 
 
 
 
 
90
  CMD ["./start_server.sh"]
 
1
  FROM nvidia/cuda:12.5.1-cudnn-devel-ubuntu20.04
2
 
3
  ENV DEBIAN_FRONTEND=noninteractive \
4
+ TZ=Europe/Paris
5
 
6
+ # Remove any third-party apt sources to avoid issues with expiring keys.
7
+ # Install some basic utilities
8
  RUN rm -f /etc/apt/sources.list.d/*.list && \
9
  apt-get update && apt-get install -y --no-install-recommends \
10
  curl \
 
26
  software-properties-common \
27
  && rm -rf /var/lib/apt/lists/*
28
 
 
29
  RUN add-apt-repository ppa:flexiondotorg/nvtop && \
30
  apt-get upgrade -y && \
31
  apt-get install -y --no-install-recommends nvtop
32
 
 
33
  RUN curl -sL https://deb.nodesource.com/setup_21.x | bash - && \
34
  apt-get install -y nodejs && \
35
  npm install -g configurable-http-proxy
36
 
37
+ # Create a working directory
38
+ WORKDIR /app
39
+
40
+ # Create a non-root user and switch to it, but give the user root privileges
41
  RUN adduser --disabled-password --gecos '' --shell /bin/bash user \
42
+ && usermod -aG root user \
43
+ && chown -R user:user /app
44
+
45
+ RUN echo "user ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/90-user
46
+ USER user
47
 
48
+ # All users can use /home/user as their home directory
49
  ENV HOME=/home/user
50
  RUN mkdir $HOME/.cache $HOME/.config \
51
  && chmod -R 777 $HOME
52
 
53
+ # Set up the Conda environment
54
  ENV CONDA_AUTO_UPDATE_CONDA=false \
55
  PATH=$HOME/miniconda/bin:$PATH
56
  RUN curl -sLo ~/miniconda.sh https://repo.continuum.io/miniconda/Miniconda3-py39_4.10.3-Linux-x86_64.sh \
 
59
  && rm ~/miniconda.sh \
60
  && conda clean -ya
61
 
 
62
  WORKDIR $HOME/app
63
 
64
+ #######################################
65
+ # Start root user section
66
+ #######################################
67
 
68
+ USER root
 
69
 
70
+ # User Debian packages
71
+ ## Security warning : Potential user code executed as root (build time)
72
+ RUN --mount=target=/root/packages.txt,source=packages.txt \
73
+ apt-get update && \
74
+ xargs -r -a /root/packages.txt apt-get install -y --no-install-recommends \
75
+ && rm -rf /var/lib/apt/lists/*
76
 
77
+ RUN --mount=target=/root/on_startup.sh,source=on_startup.sh,readwrite \
78
+ bash /root/on_startup.sh
 
 
 
 
 
 
79
 
80
+ RUN mkdir /data && chown user:user /data
 
81
 
82
+ #######################################
83
+ # End root user section
84
+ #######################################
85
+
86
+ USER root
87
 
88
+ # Python packages
89
  RUN --mount=target=requirements.txt,source=requirements.txt \
90
  pip install --no-cache-dir --upgrade -r requirements.txt
91
 
92
+ # Copy the current directory contents into the container at $HOME/app setting the owner to the user
93
+ COPY --chown=user . $HOME/app
94
+
95
+ RUN chmod +x start_server.sh
96
+
97
+ COPY --chown=user login.html /home/user/miniconda/lib/python3.9/site-packages/jupyter_server/templates/login.html
98
+
99
+ ENV PYTHONUNBUFFERED=1 \
100
+ GRADIO_ALLOW_FLAGGING=never \
101
+ GRADIO_NUM_PORTS=1 \
102
+ GRADIO_SERVER_NAME=0.0.0.0 \
103
+ GRADIO_THEME=huggingface \
104
+ SYSTEM=spaces \
105
+ SHELL=/bin/bash
106
+
107
  CMD ["./start_server.sh"]