# ---------------------------------------------------------- # 1. Base Image # ---------------------------------------------------------- FROM ubuntu:22.04 # Avoid interactive prompts during build ENV DEBIAN_FRONTEND=noninteractive # ---------------------------------------------------------- # 2. Install System Dependencies # ---------------------------------------------------------- RUN apt-get update && apt-get install -y --no-install-recommends \ wget \ curl \ ca-certificates \ git \ build-essential \ python3 \ python3-pip \ && rm -rf /var/lib/apt/lists/* # ---------------------------------------------------------- # 3. Install Ollama as Root # ---------------------------------------------------------- # Set OLLAMA_HOME to a writable directory ENV OLLAMA_HOME=/ollama-data RUN mkdir -p $OLLAMA_HOME && chmod 755 $OLLAMA_HOME RUN curl -fsSL https://ollama.com/install.sh | bash # ---------------------------------------------------------- # 4. Create a Non-Root User # ---------------------------------------------------------- RUN useradd -m appuser # ---------------------------------------------------------- # 5. Set Permissions for Ollama Directory # ---------------------------------------------------------- RUN chown -R appuser:appuser $OLLAMA_HOME # ---------------------------------------------------------- # 6. Set Working Directory for the Application # ---------------------------------------------------------- WORKDIR /app # ---------------------------------------------------------- # 7. Copy and Install Python Requirements # ---------------------------------------------------------- COPY requirements.txt . RUN pip3 install --no-cache-dir -r requirements.txt # ---------------------------------------------------------- # 8. Copy Application Files # ---------------------------------------------------------- COPY app.py /app/app.py COPY entrypoint.sh /entrypoint.sh RUN chmod +x /entrypoint.sh # ---------------------------------------------------------- # 9. Set Environment Variables and Expose Port # ---------------------------------------------------------- ENV API_KEY=${API_KEY} EXPOSE 7860 # ---------------------------------------------------------- # 10. Adjust Ownership of Application Directory # ---------------------------------------------------------- RUN chown -R appuser:appuser /app # ---------------------------------------------------------- # 11. Switch to Non-Root User # ---------------------------------------------------------- USER appuser # ---------------------------------------------------------- # 12. Define Entrypoint # ---------------------------------------------------------- CMD ["/entrypoint.sh"]