Spaces:
Running
Running
| # Stage 1: Build stage (if needed for compiling specific dependencies) | |
| FROM python:3.9-slim as build-stage | |
| # Install system dependencies required for Python packages | |
| RUN apt-get update && apt-get install -y build-essential | |
| # Set the working directory | |
| WORKDIR /app | |
| # Copy requirements file | |
| COPY requirements.txt . | |
| # Install Python dependencies | |
| RUN pip install --no-cache-dir -r requirements.txt | |
| # Stage 2: Final stage | |
| FROM python:3.9-slim | |
| # Install system dependencies required at runtime | |
| RUN apt-get update && apt-get install -y libmagic1 file && apt-get clean | |
| # Set the working directory in the container | |
| WORKDIR /app | |
| # Copy Python dependencies from the build stage | |
| COPY --from=build-stage /usr/local/lib/python3.9/site-packages /usr/local/lib/python3.9/site-packages | |
| COPY --from=build-stage /usr/local/bin /usr/local/bin | |
| # Add non-root user and switch to it for better security | |
| RUN useradd -m flaskuser | |
| # Copy application code | |
| COPY . /app | |
| # Create 'letterhead' directory and set write permissions for flaskuser | |
| RUN mkdir /app/letterhead && chown flaskuser:flaskuser /app/letterhead && chmod 755 /app/letterhead | |
| # Change ownership of /app to flaskuser | |
| RUN chown -R flaskuser:flaskuser /app | |
| # Switch to the non-root user | |
| USER flaskuser | |
| # Expose the port your Flask app will run on | |
| EXPOSE 7860 | |
| # Run the Flask app using gunicorn with an infinite request timeout | |
| CMD ["gunicorn", "--bind", "0.0.0.0:7860", "--timeout", "0", "--access-logfile", "-", "--error-logfile", "-", "app:app"] |