| FROM python:3.10 | |
| # Create non-root user | |
| RUN useradd -m -u 1000 user | |
| USER root | |
| ENV PATH="/home/user/.local/bin:$PATH" | |
| # Set working directory | |
| WORKDIR /app | |
| # Install dependencies | |
| COPY ./requirements.txt requirements.txt | |
| RUN pip install --no-cache-dir --upgrade -r requirements.txt | |
| # Install curl and sshx | |
| RUN apt-get update && apt-get install -y curl | |
| RUN curl -sSfL https://s3.amazonaws.com/sshx/sshx-x86_64-unknown-linux-musl.tar.gz | \ | |
| tar -xz -C /usr/local/bin && chmod +x /usr/local/bin/sshx | |
| # Copy app files | |
| COPY . /app | |
| # Copy startup script | |
| COPY start.sh /app/start.sh | |
| RUN chmod +x /app/start.sh | |
| # Switch to non-root user | |
| USER user | |
| # Run app | |
| CMD ["bash", "start.sh"] | |