FROM python:3.12-slim

# Set working directory
WORKDIR /code

# Install system dependencies
RUN apt-get update && apt-get install -y \
    build-essential \
    python3-dev \
    && rm -rf /var/lib/apt/lists/*

# Create necessary directories
RUN mkdir -p /code/data /code/data/model_cache /code/data/faiss_index /code/data/hf_cache

# Create a non-root user and set permissions
RUN useradd -m -u 1000 user && \
    chown -R user:user /code && \
    chmod -R 755 /code/data

# Switch to non-root user
USER user

# Copy requirements first for better cache
COPY --chown=user:user requirements.txt .

# Install Python dependencies
RUN pip install --no-cache-dir --user -r requirements.txt \
    && pip install --no-cache-dir --user \
    sentence-transformers \
    langchain-community \
    faiss-cpu

# Copy application code
COPY --chown=user:user . .

# Environment variables
ENV PYTHONUNBUFFERED=1
ENV HOST=0.0.0.0
ENV PORT=7860
ENV HF_HOME=/code/data/hf_cache
ENV SENTENCE_TRANSFORMERS_HOME=/code/data/model_cache

# Expose port for HF Spaces
EXPOSE 7860

# Run the application
CMD ["python", "app.py"]