| FROM python:3.11-slim | |
| WORKDIR /app | |
| RUN apt-get update && apt-get install -y --no-install-recommends \ | |
| build-essential \ | |
| nginx \ | |
| && rm -rf /var/lib/apt/lists/* | |
| COPY requirements.txt . | |
| RUN pip install --no-cache-dir -r requirements.txt | |
| COPY . . | |
| RUN chmod +x start.sh | |
| # Allow non-root nginx: writable pid/log/cache dirs | |
| RUN mkdir -p /tmp/nginx && \ | |
| chmod -R 777 /var/log/nginx /var/lib/nginx /tmp/nginx | |
| RUN useradd -m -u 1000 user | |
| USER user | |
| EXPOSE 7860 | |
| CMD ["./start.sh"] | |