Fix HF Space build: switch to python:3.11-slim-bookworm base

deadsnakes PPA gpg import fails in HF build sandbox. Use
python:3.11-slim-bookworm which ships Python 3.11 natively.
Also handle MariaDB (Bookworm default) in start.sh and fix
uvicorn module path to open_range.server.app.

Dockerfile

@@ -1,27 +1,21 @@
 # =============================================================================
 # OpenRange — Production All-in-One Dockerfile
 # =============================================================================
-# Single-stage build on Ubuntu 22.04 with Python 3.11 + all range services.
-# Installs uv for Python dependency management, then all system services.
+# Python 3.11 base + all range services installed via apt.
+# No PPA needed — python:3.11-slim-bookworm ships Python 3.11 natively.
 # =============================================================================
 
-FROM ubuntu:22.04
+FROM python:3.11-slim-bookworm
 
 ENV DEBIAN_FRONTEND=noninteractive
 
 # ── 1. System packages: services + security tools ────────────────────────────
 
 RUN apt-get update && apt-get install -y --no-install-recommends \
-    # Python 3.11 via deadsnakes PPA
-    software-properties-common \
-    && add-apt-repository -y ppa:deadsnakes/ppa \
-    && apt-get update && apt-get install -y --no-install-recommends \
-    python3.11 python3.11-venv python3.11-dev \
     # Web
     nginx \
-    php8.1-fpm php8.1-mysql php8.1-ldap php8.1-xml php8.1-mbstring \
     # Database
-    mysql-server \
+    default-mysql-server default-mysql-client \
     # LDAP
     slapd ldap-utils \
     # Logging
@@ -37,13 +31,12 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
     netcat-openbsd dnsutils tcpdump curl wget sshpass \
     iputils-ping whois \
     # Utilities
-    jq procps iproute2 git ca-certificates \
+    jq procps iproute2 git ca-certificates bash \
     && rm -rf /var/lib/apt/lists/*
 
 # ── 2. Install uv for Python dependency management ──────────────────────────
 
-RUN curl -LsSf https://astral.sh/uv/install.sh | sh \
-    && mv /root/.local/bin/uv /usr/local/bin/uv
+RUN pip install --no-cache-dir uv
 
 # ── 3. Create directories and fix permissions ────────────────────────────────
 
@@ -59,6 +52,7 @@ COPY . /app/env
 WORKDIR /app/env
 
 RUN uv venv --python python3.11 /app/.venv \
+    && . /app/.venv/bin/activate \
     && if [ -f uv.lock ]; then \
         uv sync --frozen --no-editable; \
     else \

start.sh

@@ -39,30 +39,41 @@ mkdir -p /var/lib/samba/private
 mkdir -p /var/log/nginx
 mkdir -p /var/log/mysql
 
-# ── 2. MySQL ────────────────────────────────────────────────────────────────
-
-echo "[start.sh] Starting MySQL..."
-if [ ! -d /var/lib/mysql/mysql ]; then
-    echo "[start.sh]   Initializing MySQL data directory..."
-    mysqld --initialize-insecure --user=mysql 2>&1 | tee "${LOGDIR}/mysql.log"
-fi
+# ── 2. MySQL / MariaDB ────────────────────────────────────────────────────
+
+echo "[start.sh] Starting MySQL/MariaDB..."
+# Detect which daemon is available (MariaDB on Bookworm, MySQL on Jammy)
+MYSQLD=$(command -v mariadbd || command -v mysqld || echo "")
+if [ -n "$MYSQLD" ]; then
+    if [ ! -d /var/lib/mysql/mysql ]; then
+        echo "[start.sh]   Initializing database data directory..."
+        if command -v mariadb-install-db >/dev/null 2>&1; then
+            mariadb-install-db --user=mysql 2>&1 | tee "${LOGDIR}/mysql.log"
+        else
+            mysqld --initialize-insecure --user=mysql 2>&1 | tee "${LOGDIR}/mysql.log"
+        fi
+    fi
 
-mysqld --user=mysql --log-error="${LOGDIR}/mysql.log" &
-PIDS+=($!)
+    $MYSQLD --user=mysql --log-error="${LOGDIR}/mysql.log" &
+    PIDS+=($!)
 
-echo -n "[start.sh]   Waiting for MySQL readiness"
-for i in $(seq 1 30); do
-    if mysqladmin ping --silent 2>/dev/null; then
-        echo " ready (${i}s)"
-        break
-    fi
-    echo -n "."
-    sleep 1
-    if [ "$i" -eq 30 ]; then
-        echo " TIMEOUT"
-        echo "[start.sh]   WARNING: MySQL did not become ready in 30s"
-    fi
-done
+    echo -n "[start.sh]   Waiting for database readiness"
+    ADMIN_CMD=$(command -v mariadb-admin || command -v mysqladmin || echo "")
+    for i in $(seq 1 30); do
+        if [ -n "$ADMIN_CMD" ] && $ADMIN_CMD ping --silent 2>/dev/null; then
+            echo " ready (${i}s)"
+            break
+        fi
+        echo -n "."
+        sleep 1
+        if [ "$i" -eq 30 ]; then
+            echo " TIMEOUT"
+            echo "[start.sh]   WARNING: Database did not become ready in 30s"
+        fi
+    done
+else
+    echo "[start.sh]   MySQL/MariaDB not installed, skipping"
+fi
 
 # ── 3. PHP-FPM ──────────────────────────────────────────────────────────────
 
@@ -204,4 +215,4 @@ echo "============================================================"
 # ── 10. exec uvicorn as PID 1 ──────────────────────────────────────────────
 
 cd /app/env
-exec python3 -m uvicorn server.app:app --host 0.0.0.0 --port 8000
+exec python3 -m uvicorn open_range.server.app:app --host 0.0.0.0 --port 8000