| # Use a lightweight Python image | |
| FROM python:3.10.12 | |
| # Install system dependencies | |
| RUN apt-get update && apt-get install -y \ | |
| libgl1-mesa-glx \ | |
| libglib2.0-0 \ | |
| && rm -rf /var/lib/apt/lists/* | |
| # Create a non-root user | |
| RUN useradd -m -u 1000 user | |
| # Set up the working directory | |
| WORKDIR /app | |
| # Copy the requirements and install dependencies | |
| COPY requirements.txt . | |
| RUN pip install --no-cache-dir --upgrade -r requirements.txt | |
| # Copy the rest of the application | |
| COPY . . | |
| # Create and set permissions for the cache directory | |
| RUN mkdir -p /.cache /app/.cache && \ | |
| chown -R user:user /.cache /app/.cache && \ | |
| chmod -R u+w,go-w /.cache /app/.cache | |
| # Set up the environment variables | |
| ENV ALEMBIC_CONFIG=alembic.ini | |
| ENV TORCH_HOME=/app/.cache/torch | |
| # Switch to the non-root user | |
| USER user | |
| # Run the application, including the migration step | |
| CMD ["bash", "-c", "alembic upgrade head && uvicorn main:app --host 0.0.0.0 --port 7860"] |