permissions
Browse files- Dockerfile +15 -6
Dockerfile
CHANGED
|
@@ -1,19 +1,28 @@
|
|
| 1 |
# Builder stage
|
| 2 |
FROM python:latest as builder
|
| 3 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 4 |
WORKDIR /srv
|
|
|
|
| 5 |
|
| 6 |
-
|
|
|
|
| 7 |
&& rm -rf /var/lib/apt/lists/*
|
| 8 |
|
| 9 |
COPY requirements.txt .
|
| 10 |
RUN pip install --no-cache-dir -r requirements.txt
|
| 11 |
|
| 12 |
-
|
| 13 |
-
|
| 14 |
-
|
| 15 |
COPY . /srv
|
| 16 |
|
| 17 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
| 18 |
|
| 19 |
-
|
|
|
|
|
|
| 1 |
# Builder stage
|
| 2 |
FROM python:latest as builder
|
| 3 |
|
| 4 |
+
# Create a non-root user and group
|
| 5 |
+
RUN groupadd -r appuser && useradd -r -g appuser appuser
|
| 6 |
+
|
| 7 |
+
# Set the working directory and grant permissions to the non-root user
|
| 8 |
WORKDIR /srv
|
| 9 |
+
RUN chown appuser:appuser /srv
|
| 10 |
|
| 11 |
+
# Install dependencies and Python packages
|
| 12 |
+
RUN apt-get update && apt-get install -y git ffmpeg aria2 \
|
| 13 |
&& rm -rf /var/lib/apt/lists/*
|
| 14 |
|
| 15 |
COPY requirements.txt .
|
| 16 |
RUN pip install --no-cache-dir -r requirements.txt
|
| 17 |
|
| 18 |
+
# Copy the application code
|
|
|
|
|
|
|
| 19 |
COPY . /srv
|
| 20 |
|
| 21 |
+
# Switch to the non-root user
|
| 22 |
+
USER appuser
|
| 23 |
+
|
| 24 |
+
# Define the command to run the application
|
| 25 |
+
CMD uvicorn App.app:app --host 0.0.0.0 --port 7860 & celery -A App.Worker.celery worker -c 8 --loglevel=info
|
| 26 |
|
| 27 |
+
# Expose the application port
|
| 28 |
+
EXPOSE 7860
|