File size: 2,637 Bytes
10b70a9 d976baa dbff676 d976baa dbff676 d976baa dbff676 b0b535a dbff676 d976baa b0b535a d976baa 10b70a9 f4be5ea 10b70a9 111ba62 5e1192b e6ba6db 0f0f717 f4be5ea 264ac69 b0b535a 0f0f717 b0b535a 264ac69 b0b535a f4be5ea b0b535a 5e1192b 5afbe18 e6ba6db |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 |
FROM python:3.10-slim
ENV PYTHONUNBUFFERED=1
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && \
apt-get install -y --no-install-recommends \
ffmpeg \
libsm6 \
libxext6 \
fontconfig \
imagemagick \
ghostscript && \
( \
POLICY_FILE=$(find /etc/ImageMagick* -name policy.xml -print -quit 2>/dev/null) && \
if [ -n "$POLICY_FILE" ] && [ -f "$POLICY_FILE" ]; then \
echo "INFO: Modifying ImageMagick policy file: $POLICY_FILE"; \
sed -i 's/<policy domain="coder" rights="none" pattern="PS" \/>/<!-- & -->/' "$POLICY_FILE" && \
sed -i 's/<policy domain="coder" rights="none" pattern="EPS" \/>/<!-- & -->/' "$POLICY_FILE" && \
sed -i 's/<policy domain="coder" rights="none" pattern="PDF" \/>/<!-- & -->/' "$POLICY_FILE" && \
sed -i 's/<policy domain="coder" rights="none" pattern="TEXT" \/>/<!-- & -->/' "$POLICY_FILE" && \
sed -i 's/<policy domain="coder" rights="none" pattern="LABEL" \/>/<!-- & -->/' "$POLICY_FILE" && \
sed -i 's/<policy domain="path" rights="none" pattern="@*" \/>/<!-- & -->/' "$POLICY_FILE" && \
echo "INFO: ImageMagick policy potentially updated."; \
else \
echo "WARNING: ImageMagick policy.xml not found. TextClip might fail."; \
fi \
) && \
apt-get clean && \
rm -rf /var/lib/apt/lists/*
RUN mkdir -p /usr/local/share/fonts/truetype/mycustomfonts
COPY assets/fonts/arial.ttf /usr/local/share/fonts/truetype/mycustomfonts/arial.ttf
RUN fc-cache -f -s -v
ARG APP_USER_UID=1000
ARG APP_USER_GID=1000
RUN groupadd --gid $APP_USER_GID appgroup && \
useradd --uid $APP_USER_UID --gid appgroup --shell /bin/bash --create-home appuser
# Set WORKDIR for appuser's home/app space
WORKDIR /home/appuser/app
# Copy requirements first (as root or default builder user)
COPY requirements.txt ./
RUN python -m pip install --no-cache-dir --upgrade pip && \
python -m pip install --no-cache-dir -r requirements.txt
# Copy all application code
COPY . .
# Ensure the output directory exists and is writable by appuser BEFORE switching user
RUN mkdir -p /home/appuser/app/temp_cinegen_media && \
chown -R appuser:appgroup /home/appuser/app/temp_cinegen_media && \
chown -R appuser:appgroup /home/appuser/app
# Switch to the non-root user
USER appuser
# Ensure user's local bin is in PATH for pip-installed executables
ENV PATH="/home/appuser/.local/bin:${PATH}"
EXPOSE 8501
CMD ["streamlit", "run", "app.py", "--server.headless=true", "--server.port=8501", "--server.fileWatcherType=none"] |