# 1. Use the official Python image (starts as root)
FROM python:3.12-slim

# 2. Install uv for fast dependency installation
COPY --from=ghcr.io/astral-sh/uv:0.4.20 /uv /bin/uv

# 3. Set the working directory
WORKDIR /app

# 4. Copy requirements and install AS ROOT 
# (Root has permission to write to /usr/local/lib/python3.12)
COPY requirements.txt .
ENV UV_SYSTEM_PYTHON=1
RUN uv pip install -r requirements.txt

# 5. Create the non-root user (UID 1000 is required by Hugging Face)
RUN useradd -m -u 1000 user

# 6. Copy the rest of your app and change ownership to the 'user'
COPY . .
RUN chown -R user:user /app

# 7. Switch to the non-root user for security at runtime
USER user
ENV PATH="/home/user/.local/bin:$PATH"

# 8. Tell HF which port to use
EXPOSE 7860

# 9. Start the app (using Gunicorn is recommended for production)
CMD ["gunicorn", "--bind", "0.0.0.0:7860", "--timeout", "120", "app:server"]