Spaces:
Paused
Paused
| # Use Python 3.12 slim image as base | |
| FROM python:3.12-slim | |
| # First: System-level operations that require root | |
| RUN apt-get update && apt-get install -y \ | |
| bash \ | |
| wget \ | |
| git \ | |
| git-lfs \ | |
| && rm -rf /var/lib/apt/lists/* | |
| # Second: Create user and set up directories | |
| RUN useradd -m -u 1000 user && \ | |
| mkdir -p /app/logs /app/.cache /app/models && \ | |
| chmod 777 /app/logs /app/.cache /app/models && \ | |
| chown -R user:user /app | |
| # Third: Switch context to user | |
| USER user | |
| # Fourth: Set up environment for user | |
| ENV HOME=/home/user \ | |
| PATH=/home/user/.local/bin:$PATH | |
| # Fifth: Set working directory | |
| WORKDIR $HOME/app | |
| # Rest of the Dockerfile continues with user-level operations | |
| COPY --chown=user requirements.txt . | |
| RUN pip install --no-cache-dir --upgrade pip && \ | |
| pip install --no-cache-dir -r requirements.txt | |
| COPY --chown=user main $HOME/app/main | |
| COPY --chown=user utils $HOME/app/utils | |
| ENV PYTHONPATH=$HOME/app/main | |
| ENV PYTHONUNBUFFERED=1 | |
| ENV HF_HOME=$HOME/app/.cache | |
| RUN --mount=type=secret,id=HF_TOKEN,mode=0444,required=true \ | |
| export HF_TOKEN=$(cat /run/secrets/HF_TOKEN) | |
| EXPOSE 7680 | |
| CMD ["python", "-m", "main.app"] |