# 使用官方Python 3.9 slim镜像
FROM python:3.9-slim

# 设置工作目录
WORKDIR /app

# --- 准备工作：安装git ---
RUN apt-get update && apt-get install -y --no-install-recommends git

# --- 关键步骤：使用PAT克隆私有仓库 ---
RUN --mount=type=secret,id=GH_USERNAME \
    --mount=type=secret,id=GH_TOKEN \
    git clone https://$(cat /run/secrets/GH_USERNAME):$(cat /run/secrets/GH_TOKEN)@github.com/leoncool23/ducg-knowledge-editor.git .

# --- 新增步骤：创建并授权持久化存储目录 ---
RUN mkdir -p /data && chown -R 1000:1000 /data

# --- 设置Python环境 ---
RUN pip install --no-cache-dir -r requirements.txt
RUN pip install gunicorn

# --- 运行应用 ---
EXPOSE 7860
CMD ["gunicorn", "--bind", "0.0.0.0:7860", "--timeout", "120", "app:app"]