| # syntax=docker/dockerfile:1 | |
| FROM python:3.12-slim | |
| # 1. Create non‑root user | |
| RUN useradd --create-home --shell /bin/bash --uid 1000 appuser | |
| # 2. Environment variables - set HF_HOME to match what's used in lifespan | |
| ENV PYTHONDONTWRITEBYTECODE=1 \ | |
| PYTHONUNBUFFERED=1 \ | |
| HF_HOME=/home/appuser/huggingface \ | |
| PORT=7860 \ | |
| PATH=/home/appuser/.local/bin:$PATH | |
| # 3. Set working directory | |
| WORKDIR /home/appuser/app | |
| # 4. Install Python dependencies | |
| COPY requirements.txt . | |
| RUN pip install --upgrade pip \ | |
| && pip install --no-cache-dir -r requirements.txt | |
| # 5. Copy code and set permissions | |
| COPY --chown=appuser:appuser . . | |
| # 6. Create huggingface directory with proper permissions | |
| RUN mkdir -p /home/appuser/huggingface && \ | |
| chown -R appuser:appuser /home/appuser | |
| # 7. Switch to appuser | |
| USER appuser | |
| # 9. Expose port & run app using uvicorn | |
| EXPOSE 7860 | |
| CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "7860"] |