| # Use Python 3.10 slim image | |
| FROM python:3.10-slim | |
| # Set working directory | |
| WORKDIR /app | |
| # Install system dependencies | |
| RUN apt-get update && apt-get install -y \ | |
| gcc \ | |
| g++ \ | |
| git \ | |
| && rm -rf /var/lib/apt/lists/* \ | |
| && apt-get clean | |
| # Create non-root user for security with home directory | |
| RUN groupadd -r appuser && useradd -r -g appuser -m -d /home/appuser appuser | |
| # Copy requirements first for better caching | |
| COPY requirements.txt . | |
| # Install Python dependencies | |
| RUN pip install --no-cache-dir --upgrade pip && \ | |
| pip install --no-cache-dir -r requirements.txt | |
| # Copy application code | |
| COPY . . | |
| # Create necessary directories with proper permissions | |
| RUN mkdir -p cache uploads datasets /home/appuser/.cache && \ | |
| chown -R appuser:appuser /app /home/appuser | |
| # Switch to non-root user | |
| USER appuser | |
| # Set environment variables | |
| ENV PYTHONUNBUFFERED=1 | |
| ENV ENVIRONMENT=production | |
| ENV HF_HOME=/home/appuser/.cache | |
| # Expose port 7860 for HuggingFace Spaces | |
| EXPOSE 7860 | |
| # Set environment for HuggingFace Spaces | |
| ENV PORT=7860 | |
| ENV HOST=0.0.0.0 | |
| # Health check (now requests is in requirements.txt) | |
| HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \ | |
| CMD python -c "import requests; requests.get('http://localhost:7860/health', timeout=5)" | |
| # Run the app directly (HuggingFace Spaces requirement) | |
| CMD ["python", "app.py"] | |