| FROM python:3.11-slim | |
| WORKDIR /app | |
| # Install system dependencies (needed for OpenCV and ONNX) | |
| RUN apt-get update && apt-get install -y --no-install-recommends \ | |
| libgl1 \ | |
| libglib2.0-0 \ | |
| wget \ | |
| && rm -rf /var/lib/apt/lists/* | |
| # Pre-create models directory | |
| RUN mkdir -p app/models | |
| # Download the ArcFace ONNX model during build to avoid missing file errors | |
| RUN wget -O app/models/w600k_mbf.onnx https://huggingface.co/deepghs/insightface/resolve/main/buffalo_s/w600k_mbf.onnx | |
| COPY requirements.txt . | |
| RUN pip install --no-cache-dir -r requirements.txt | |
| # Copy everything else | |
| COPY . . | |
| # Ensure permissions for the non-root appuser | |
| RUN adduser --disabled-password --gecos "" appuser && \ | |
| chown -R appuser:appuser /app | |
| USER appuser | |
| # Use Render/HF default port | |
| EXPOSE 7860 | |
| # Point to model | |
| ENV MODEL_PATH=/app/app/models/w600k_mbf.onnx | |
| CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "7860"] | |