| # ---------------------------------------------------------- | |
| # 1. Base Image | |
| # ---------------------------------------------------------- | |
| FROM ubuntu:22.04 | |
| # Avoid interactive prompts during build | |
| ENV DEBIAN_FRONTEND=noninteractive | |
| # ---------------------------------------------------------- | |
| # 2. Install System Dependencies | |
| # ---------------------------------------------------------- | |
| RUN apt-get update && apt-get install -y --no-install-recommends \ | |
| wget \ | |
| curl \ | |
| ca-certificates \ | |
| git \ | |
| build-essential \ | |
| python3 \ | |
| python3-pip \ | |
| && rm -rf /var/lib/apt/lists/* | |
| # ---------------------------------------------------------- | |
| # 3. Install Ollama as Root | |
| # ---------------------------------------------------------- | |
| # Set OLLAMA_HOME to a writable directory | |
| ENV OLLAMA_HOME=/ollama-data | |
| RUN mkdir -p $OLLAMA_HOME && chmod 755 $OLLAMA_HOME | |
| RUN curl -fsSL https://ollama.com/install.sh | bash | |
| # ---------------------------------------------------------- | |
| # 4. Create a Non-Root User | |
| # ---------------------------------------------------------- | |
| RUN useradd -m appuser | |
| # ---------------------------------------------------------- | |
| # 5. Set Permissions for Ollama Directory | |
| # ---------------------------------------------------------- | |
| RUN chown -R appuser:appuser $OLLAMA_HOME | |
| # ---------------------------------------------------------- | |
| # 6. Set Working Directory for the Application | |
| # ---------------------------------------------------------- | |
| WORKDIR /app | |
| # ---------------------------------------------------------- | |
| # 7. Copy and Install Python Requirements | |
| # ---------------------------------------------------------- | |
| COPY requirements.txt . | |
| RUN pip3 install --no-cache-dir -r requirements.txt | |
| # ---------------------------------------------------------- | |
| # 8. Copy Application Files | |
| # ---------------------------------------------------------- | |
| COPY app.py /app/app.py | |
| COPY entrypoint.sh /entrypoint.sh | |
| RUN chmod +x /entrypoint.sh | |
| # ---------------------------------------------------------- | |
| # 9. Set Environment Variables and Expose Port | |
| # ---------------------------------------------------------- | |
| ENV API_KEY=${API_KEY} | |
| EXPOSE 7860 | |
| # ---------------------------------------------------------- | |
| # 10. Adjust Ownership of Application Directory | |
| # ---------------------------------------------------------- | |
| RUN chown -R appuser:appuser /app | |
| # ---------------------------------------------------------- | |
| # 11. Switch to Non-Root User | |
| # ---------------------------------------------------------- | |
| USER appuser | |
| # ---------------------------------------------------------- | |
| # 12. Define Entrypoint | |
| # ---------------------------------------------------------- | |
| CMD ["/entrypoint.sh"] | |