| # Use a specific Python version | |
| FROM python:3.11 | |
| # Set the working directory in the container | |
| WORKDIR /app | |
| # Install required system packages (ffmpeg is needed by yt-dlp for merging/conversion) | |
| RUN apt-get update && apt-get install -y --no-install-recommends ffmpeg && \ | |
| apt-get clean && rm -rf /var/lib/apt/lists/* | |
| # Create a non-root user for security | |
| # Using uid 1000 which is common | |
| RUN useradd -m -u 1000 appuser | |
| # Copy requirements first to leverage Docker cache | |
| COPY requirements.txt . | |
| # Install Python dependencies | |
| # Ensure requirements.txt contains: | |
| # fastapi[all] | |
| # yt-dlp | |
| # requests | |
| RUN pip install --pre --no-cache-dir -r requirements.txt | |
| # Copy the rest of the application files | |
| # Make sure main.py and www.youtube.com_cookies.txt (if used) are in the build context | |
| COPY . . | |
| # Set permissions: | |
| # - Directories: read/execute for all, write for owner (755) | |
| # - Files: read for all, write for owner (644) | |
| # - Change ownership to the non-root user | |
| # Note: Explicit chmod for cookie file might be redundant if COPY respects source permissions, but doesn't hurt. | |
| RUN find /app -type d -exec chmod 755 {} \; && \ | |
| find /app -type f -exec chmod 644 {} \; && \ | |
| chown -R appuser:appuser /app | |
| # Switch to the non-root user | |
| USER appuser | |
| # Expose the port the app will run on (common for HF Spaces) | |
| EXPOSE 7860 | |
| # Command to run the application using uvicorn | |
| # - main:app -> finds the 'app' instance in the 'main.py' file | |
| # - --host 0.0.0.0 -> makes the server accessible from outside the container | |
| # - --port 7860 -> matches the EXPOSE directive | |
| CMD ["uvicorn", "main:app", "--host", "0.0.0.0", "--port", "7860"] | |