# Start with CUDA base image
FROM nvidia/cuda:11.2.2-cudnn8-devel-ubuntu20.04

# Avoid prompts from apt
ENV DEBIAN_FRONTEND=noninteractive

# Install system dependencies
RUN apt-get update && apt-get install -y \
    software-properties-common \
    && add-apt-repository ppa:deadsnakes/ppa \
    && apt-get update \
    && apt-get install -y \
    python3.9 \
    python3.9-distutils \
    python3.9-dev \
    python3-pip \
    build-essential \
    wget \
    ffmpeg \
    libsm6 \
    libxext6 \
    libgl1-mesa-glx \
    && rm -rf /var/lib/apt/lists/*

# Set Python 3.9 as the default python version
RUN update-alternatives --install /usr/bin/python3 python3 /usr/bin/python3.9 1
RUN update-alternatives --set python3 /usr/bin/python3.9

# Install pip for Python 3.9
RUN wget https://bootstrap.pypa.io/get-pip.py && \
    python3 get-pip.py && \
    rm get-pip.py

# Set up a new user named "user" with user ID 1000
RUN useradd -m -u 1000 user

# Switch to the "user" user
USER user

# Set home to the user's home directory
ENV HOME=/home/user \
    PATH=/home/user/.local/bin:$PATH

# Set the working directory to the user's home directory
WORKDIR $HOME/app

# Copy the requirements file with correct ownership
COPY --chown=user requirements.txt .

# Install any needed packages specified in requirements.txt
RUN pip3 install --no-cache-dir --user -r requirements.txt

# Copy the current directory contents into the container at $HOME/app setting the owner to the user
COPY --chown=user . $HOME/app

# Mount the secret and set it as an environment variable
RUN --mount=type=secret,id=OPENAI_API_KEY,mode=0444,required=true \
    bash -c 'cat /run/secrets/OPENAI_API_KEY > /tmp/OPENAI_API_KEY && echo "export OPENAI_API_KEY=$(cat /tmp/OPENAI_API_KEY)" >> ~/.bashrc'

# Make port 7860 available to the world outside this container
EXPOSE 7860

# Run app.py when the container launches
CMD ["bash", "-c", "source ~/.bashrc && python3 -m streamlit run app.py --server.port=7860 --server.address=0.0.0.0 --server.enableXsrfProtection=false"]