deploy fastapi backend
Browse files- Dockerfile +9 -50
Dockerfile
CHANGED
|
@@ -1,57 +1,16 @@
|
|
| 1 |
-
|
| 2 |
-
# ─── Build stage ─────────────────────────────────────────────────────────────
|
| 3 |
-
FROM python:3.11-slim AS builder
|
| 4 |
|
| 5 |
-
|
| 6 |
-
|
| 7 |
-
|
| 8 |
-
RUN apt-get update && apt-get install -y --no-install-recommends \
|
| 9 |
-
build-essential \
|
| 10 |
-
libpq-dev \
|
| 11 |
-
&& rm -rf /var/lib/apt/lists/*
|
| 12 |
-
|
| 13 |
-
# Install Python dependencies
|
| 14 |
-
COPY requirements.txt .
|
| 15 |
-
RUN pip install --no-cache-dir --upgrade pip \
|
| 16 |
-
&& pip install --no-cache-dir -r requirements.txt
|
| 17 |
-
|
| 18 |
-
# ─── Runtime stage ────────────────────────────────────────────────────────────
|
| 19 |
-
FROM python:3.11-slim AS runtime
|
| 20 |
|
| 21 |
WORKDIR /app
|
| 22 |
|
| 23 |
-
|
| 24 |
-
RUN
|
| 25 |
-
libpq5 \
|
| 26 |
-
curl \
|
| 27 |
-
&& rm -rf /var/lib/apt/lists/*
|
| 28 |
-
|
| 29 |
-
# Non-root user for security
|
| 30 |
-
RUN addgroup --system --gid 1001 appgroup \
|
| 31 |
-
&& adduser --system --uid 1001 --ingroup appgroup --no-create-home appuser
|
| 32 |
-
|
| 33 |
-
# Copy installed packages from builder
|
| 34 |
-
COPY --from=builder /usr/local/lib/python3.11/site-packages /usr/local/lib/python3.11/site-packages
|
| 35 |
-
COPY --from=builder /usr/local/bin /usr/local/bin
|
| 36 |
-
|
| 37 |
-
# Copy application code
|
| 38 |
-
COPY --chown=appuser:appgroup . .
|
| 39 |
|
| 40 |
-
|
| 41 |
-
EXPOSE 8000
|
| 42 |
|
| 43 |
-
|
| 44 |
-
USER appuser
|
| 45 |
|
| 46 |
-
|
| 47 |
-
CMD ["gunicorn", "app.main:app", \
|
| 48 |
-
"--workers", "4", \
|
| 49 |
-
"--worker-class", "uvicorn.workers.UvicornWorker", \
|
| 50 |
-
"--bind", "0.0.0.0:8000", \
|
| 51 |
-
"--timeout", "120", \
|
| 52 |
-
"--keep-alive", "5", \
|
| 53 |
-
"--max-requests", "1000", \
|
| 54 |
-
"--max-requests-jitter", "100", \
|
| 55 |
-
"--access-logfile", "-", \
|
| 56 |
-
"--error-logfile", "-", \
|
| 57 |
-
"--log-level", "info"]
|
|
|
|
| 1 |
+
FROM python:3.11-slim
|
|
|
|
|
|
|
| 2 |
|
| 3 |
+
RUN useradd -m -u 1000 user
|
| 4 |
+
USER user
|
| 5 |
+
ENV PATH="/home/user/.local/bin:$PATH"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 6 |
|
| 7 |
WORKDIR /app
|
| 8 |
|
| 9 |
+
COPY --chown=user ./requirements.txt requirements.txt
|
| 10 |
+
RUN pip install --no-cache-dir --upgrade -r requirements.txt
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 11 |
|
| 12 |
+
COPY --chown=user . /app
|
|
|
|
| 13 |
|
| 14 |
+
EXPOSE 7860
|
|
|
|
| 15 |
|
| 16 |
+
CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "7860"]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|