| FROM python:3.9-slim | |
| # Set working directory | |
| WORKDIR /app | |
| # Install system dependencies | |
| RUN apt-get update && apt-get install -y \ | |
| build-essential \ | |
| && rm -rf /var/lib/apt/lists/* | |
| # Copy requirements first to leverage Docker cache | |
| COPY requirements.txt . | |
| # Install Python dependencies | |
| RUN pip install --no-cache-dir -r requirements.txt | |
| # Copy the rest of the application | |
| COPY . . | |
| # Create a non-root user for security | |
| RUN adduser --disabled-password --gecos '' appuser | |
| RUN chown -R appuser:appuser /app | |
| USER appuser | |
| # Expose port 7860 | |
| EXPOSE 7860 | |
| # Run the application | |
| CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "7860"] |