Update Dockerfile
Browse files- Dockerfile +44 -44
Dockerfile
CHANGED
|
@@ -1,44 +1,44 @@
|
|
| 1 |
-
FROM python:3.
|
| 2 |
-
|
| 3 |
-
WORKDIR /app
|
| 4 |
-
|
| 5 |
-
# Security and performance environment variables
|
| 6 |
-
ENV PYTHONDONTWRITEBYTECODE=1 \
|
| 7 |
-
PYTHONUNBUFFERED=1 \
|
| 8 |
-
PIP_NO_CACHE_DIR=1 \
|
| 9 |
-
PIP_DISABLE_PIP_VERSION_CHECK=1
|
| 10 |
-
|
| 11 |
-
# Install security updates
|
| 12 |
-
RUN apt-get update && \
|
| 13 |
-
apt-get upgrade -y && \
|
| 14 |
-
apt-get clean && \
|
| 15 |
-
rm -rf /var/lib/apt/lists/*
|
| 16 |
-
|
| 17 |
-
# Create non-root user with specific UID
|
| 18 |
-
RUN useradd -m -u 1000 -s /bin/bash user
|
| 19 |
-
|
| 20 |
-
# Install dependencies as root
|
| 21 |
-
COPY requirements.txt .
|
| 22 |
-
RUN pip install --no-cache-dir --upgrade pip && \
|
| 23 |
-
pip install --no-cache-dir -r requirements.txt
|
| 24 |
-
|
| 25 |
-
# Copy application code and set ownership
|
| 26 |
-
COPY --chown=user:user . .
|
| 27 |
-
|
| 28 |
-
# Switch to non-root user
|
| 29 |
-
USER user
|
| 30 |
-
|
| 31 |
-
# Set PATH for user
|
| 32 |
-
ENV PATH="/home/user/.local/bin:$PATH" \
|
| 33 |
-
HOME="/home/user"
|
| 34 |
-
|
| 35 |
-
# Health check
|
| 36 |
-
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
|
| 37 |
-
CMD
|
| 38 |
-
|
| 39 |
-
# Expose port 7860 (Hugging Face Spaces default)
|
| 40 |
-
EXPOSE 7860
|
| 41 |
-
|
| 42 |
-
# Start server with production settings
|
| 43 |
-
CMD ["
|
| 44 |
-
|
|
|
|
| 1 |
+
FROM python:3.14-slim
|
| 2 |
+
|
| 3 |
+
WORKDIR /app
|
| 4 |
+
|
| 5 |
+
# Security and performance environment variables
|
| 6 |
+
ENV PYTHONDONTWRITEBYTECODE=1 \
|
| 7 |
+
PYTHONUNBUFFERED=1 \
|
| 8 |
+
PIP_NO_CACHE_DIR=1 \
|
| 9 |
+
PIP_DISABLE_PIP_VERSION_CHECK=1
|
| 10 |
+
|
| 11 |
+
# Install security updates
|
| 12 |
+
RUN apt-get update && \
|
| 13 |
+
apt-get upgrade -y && \
|
| 14 |
+
apt-get clean && \
|
| 15 |
+
rm -rf /var/lib/apt/lists/*
|
| 16 |
+
|
| 17 |
+
# Create non-root user with specific UID
|
| 18 |
+
RUN useradd -m -u 1000 -s /bin/bash user
|
| 19 |
+
|
| 20 |
+
# Install dependencies as root
|
| 21 |
+
COPY requirements.txt .
|
| 22 |
+
RUN pip install --no-cache-dir --upgrade pip && \
|
| 23 |
+
pip install --no-cache-dir -r requirements.txt
|
| 24 |
+
|
| 25 |
+
# Copy application code and set ownership
|
| 26 |
+
COPY --chown=user:user . .
|
| 27 |
+
|
| 28 |
+
# Switch to non-root user
|
| 29 |
+
USER user
|
| 30 |
+
|
| 31 |
+
# Set PATH for user
|
| 32 |
+
ENV PATH="/home/user/.local/bin:$PATH" \
|
| 33 |
+
HOME="/home/user"
|
| 34 |
+
|
| 35 |
+
# Health check
|
| 36 |
+
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
|
| 37 |
+
CMD python3 -c "import requests; requests.get('http://localhost:7860/health', timeout=5)"
|
| 38 |
+
|
| 39 |
+
# Expose port 7860 (Hugging Face Spaces default)
|
| 40 |
+
EXPOSE 7860
|
| 41 |
+
|
| 42 |
+
# Start server with production settings
|
| 43 |
+
CMD ["sh", "-c", "uvicorn server:app --host 0.0.0.0 --port ${PORT:-7860} --log-level ${LOG_LEVEL:-info} --no-access-log --workers ${WEB_CONCURRENCY:-2}"]
|
| 44 |
+
|