Update Dockerfile

Dockerfile

@@ -1,72 +1,59 @@
 FROM python:3.9-slim
 
-# Install system dependencies
+# Install git and clean up in the same layer to keep the image size down
 RUN apt-get update && \
-    apt-get install -y curl && \
+    apt-get install -y git curl && \
     apt-get clean && \
     rm -rf /var/lib/apt/lists/*
 
 WORKDIR /app
 
-# Create necessary directories first
-RUN mkdir -p /app/templates /app/instance/sessions
+# Clone private repository using mounted secret
+RUN --mount=type=secret,id=GITHUB_TOKEN,required=true \
+    git clone https://x-access-token:$(cat /run/secrets/GITHUB_TOKEN)@github.com/leoncool23/AIhfbackend.git . \
+    && rm -rf .git
 
-# Copy all files
-COPY . .
-
-# Debug: Show directory structure
-RUN echo "=== Directory Structure ===" && \
-    ls -la /app
+# Create necessary directories and give them open permissions
+# This is a robust way to handle permissions in containerized environments.
+RUN mkdir -p /app/instance/sessions && \
+    chmod -R 777 /app/instance
 
 # Install Python dependencies
 RUN pip install --no-cache-dir -r requirements.txt
 
-# Create gunicorn configuration
-RUN echo 'bind = "0.0.0.0:7860"' > /app/gunicorn.conf.py && \
-    echo 'workers = 1' >> /app/gunicorn.conf.py && \
-    echo 'worker_class = "sync"' >> /app/gunicorn.conf.py && \
-    echo 'loglevel = "info"' >> /app/gunicorn.conf.py && \
-    echo 'accesslog = "-"' >> /app/gunicorn.conf.py && \
-    echo 'errorlog = "-"' >> /app/gunicorn.conf.py && \
-    echo 'preload_app = True' >> /app/gunicorn.conf.py && \
-    echo 'chdir = "/app"' >> /app/gunicorn.conf.py
-
-# Create start script
-RUN echo '#!/bin/bash' > /app/start.sh && \
-    echo 'set -e' >> /app/start.sh && \
-    echo 'cd /app' >> /app/start.sh && \
-    echo 'export PYTHONPATH=/app:$PYTHONPATH' >> /app/start.sh && \
-    echo 'echo "===== Application Startup at $(date) ====="' >> /app/start.sh && \
-    echo 'echo "Current directory: $(pwd)"' >> /app/start.sh && \
-    echo 'echo "Python path: $PYTHONPATH"' >> /app/start.sh && \
-    echo 'echo "Directory contents:"' >> /app/start.sh && \
-    echo 'ls -la' >> /app/start.sh && \
-    echo 'echo "Running initialization script..."' >> /app/start.sh && \
-    echo 'python3 init_script.py' >> /app/start.sh && \
-    echo 'echo "Starting Gunicorn server..."' >> /app/start.sh && \
-    echo 'exec gunicorn --config /app/gunicorn.conf.py app:app' >> /app/start.sh && \
+# Create a script to run the application
+# Use 'set -e' to exit immediately if a command fails.
+RUN echo '#!/bin/bash\n\
+set -e\n\
+echo "===== Application Startup at $(date) ====="\n\
+echo "Initializing database..."\n\
+python3 -c "from app import init_db; init_db()"\n\
+echo "Database initialized successfully."\n\
+echo "Starting Gunicorn server..."\n\
+exec gunicorn \
+    --config /app/gunicorn.conf.py \
+    app:app' > /app/start.sh && \
     chmod +x /app/start.sh
 
-# Set environment variables
+# Environment variables
 ENV FLASK_APP=app.py
 ENV FLASK_ENV=production
 ENV HOST=0.0.0.0
 ENV PORT=7860
-ENV PYTHONPATH=/app
 ENV PYTHONUNBUFFERED=1
 
-# Dify API configuration
-ENV DIFY_API_KEY=${DIFY_API_KEY}
-ENV DIFY_API_ENDPOINT=${DIFY_API_ENDPOINT}
+# Create gunicorn config file
+RUN echo 'bind = "0.0.0.0:7860"\n\
+workers = 1\n\
+worker_class = "sync"\n\
+loglevel = "info"\n\
+accesslog = "-"\n\
+errorlog = "-"\n\
+preload_app = True' > /app/gunicorn.conf.py
 
-# Set permissions
-RUN chmod -R 777 /app/instance && \
-    chown -R nobody:nogroup /app && \
-    chmod -R 755 /app
-
-# Switch to non-root user
+# Switch to non-root user for security
 USER nobody
 
+# Expose the port and start the application
 EXPOSE 7860
-
 CMD ["/app/start.sh"]