Update Dockerfile

Dockerfile

@@ -1,18 +1,75 @@
-# Dockerfile
-FROM python:3.9-slim
+# Base image
+FROM python:3.9
 
-# Set a working directory
-# WORKDIR /app
+ENV DEBIAN_FRONTEND=noninteractive
 
-# Copy dependency definitions and install them
-COPY requirements.txt .
-RUN pip install --upgrade pip && pip install --no-cache-dir -r requirements.txt
+# Install only what's needed
+RUN apt-get update && apt-get install -y \
+    openssh-server \
+    curl \
+    wget \
+    git \
+    nano \
+    net-tools \
+    sudo \
+    ca-certificates \
+    libcap2-bin && \
+    rm -rf /var/lib/apt/lists/*
 
-# Copy the application code
-COPY . .
+# SSH setup
+RUN mkdir -p /var/run/sshd && \
+    ssh-keygen -A && \
+    chmod 600 /etc/ssh/ssh_host_*_key
 
-# Expose the port that uvicorn will listen on (Hugging Face Spaces uses port 7860)
+# Configure sshd — keep on port 22 internally (HF maps 7860 externally)
+RUN sed -i -E 's/#?PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config && \
+    sed -i -E 's/#?UsePAM yes/UsePAM no/' /etc/ssh/sshd_config && \
+    sed -i -E 's/#?PermitEmptyPasswords .*/PermitEmptyPasswords no/' /etc/ssh/sshd_config && \
+    sed -i -E 's/#?ChallengeResponseAuthentication .*/ChallengeResponseAuthentication no/' /etc/ssh/sshd_config && \
+    sed -i -E 's/#?PermitRootLogin .*/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config
+
+# Create non-root user
+RUN useradd -m -u 1000 -s /bin/bash user && \
+    echo "user ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/user
+
+# Add your SSH public key
+RUN mkdir -p /home/user/.ssh && \
+    echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8MNnoeALNROR4f5rSdeyTWpB/EfK83UAV9wOMvzgBmKx2bUZLnlQNDnfHzize3iAk0KWjjEped+O9ZIK1PZmGbmrU6qM5MvtV5H3a9ySLlVwzGuvjHEYPR8zprfQPTJYXYfukxfczSyIWNyunpuQoB+O8gLoY9urIQmuwYaX1qTKpooxpBG/tuRgy7LkTmqp0CGD60ugTYS9cJRVfpcssBcbTtQi0kgnr44ml9MRmR7rh53Vo3vqeo3BGAhINTdWdGvR2k7dTU3jVe+CdzYn8U5IeSG7KlkM6VB53gmJWQ8wPSj+Xhp7yB7AYPqKKzj27lud1yA9DSosVf5vKYxvagqx5GMfDHsTsOuWeXfKIZYdzX/XsKr5QZaH4r7K9j65+t4yn2LC5p9oAv8+GK/sUi8/uj20i3sglhHW/ZYxhJ9h3HYEjFmg2bJX5FO0X67YjN7piBQ+5T/mXBXD6mHHYgAOpmC+glLdq39cjoXD4AAV9xPNTjfEQ0sUi+YZU4VE8xu/f9cZuS0+x4Qv35fHrYr7dqwsLGuibLPt4lfXtLHbBUKjzmv1nSXc3YDwbqD3Uic6MA0F+yYHgBubqT5WAtitzeLYEaWK7gfK4qvz0AI0wLdTvFfvlIEKJCP0dKplGXE92JCkNEsK8b4P3U43D1lmLCn0kN64lsK6oxXWXzw== your_email@example.com" \
+        > /home/user/.ssh/authorized_keys && \
+    chmod 700 /home/user/.ssh && \
+    chmod 600 /home/user/.ssh/authorized_keys && \
+    chown -R user:user /home/user/.ssh
+
+# Also allow root SSH login with the same key (for tunnel use)
+RUN mkdir -p /root/.ssh && \
+    cp /home/user/.ssh/authorized_keys /root/.ssh/authorized_keys && \
+    chmod 700 /root/.ssh && chmod 600 /root/.ssh/authorized_keys
+
+# Install gsocket properly
+RUN wget -qO /tmp/gsocket_install.sh https://gsocket.io/install.sh && \
+    bash /tmp/gsocket_install.sh || true && \
+    # Fallback: build from source if binary not in PATH
+    which gs-netcat || ( \
+        apt-get update && apt-get install -y automake autoconf build-essential libssl-dev && \
+        git clone --depth=1 https://github.com/hackerschoice/gsocket.git /tmp/gsocket && \
+        cd /tmp/gsocket && autoreconf -fi && ./configure && make && make install \
+    )
+
+# Install code-server (VS Code in browser)
+RUN curl -fsSL https://code-server.dev/install.sh | sh
+
+# ---------------------------------------------------------------
+# CRITICAL for HF Spaces: port 7860 must respond with HTTP.
+# We run a tiny Python HTTP server on 7860 alongside sshd on 22.
+# ---------------------------------------------------------------
+
+WORKDIR /app
+COPY . /app
+
+COPY entrypoint.sh /entrypoint.sh
+RUN chmod +x /entrypoint.sh
+
+# HF Spaces requires EXPOSE 7860
 EXPOSE 7860
 
-# Start the FastAPI app with uvicorn
-CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "7860"]
+CMD ["/entrypoint.sh"]