Spaces:

mgbam
/

CingenAI

Running

App Files Files Community

CingenAI / Dockerfile

mgbam

Update Dockerfile

262b6c2 verified 16 days ago

raw

history blame

4.98 kB

	# Use an official Python runtime as a parent image
	FROM python:3.10-slim-bullseye

	# Set environment variables for Python, pip, and locale
	ENV PYTHONUNBUFFERED 1
	ENV PYTHONDONTWRITEBYTECODE 1
	ENV PIP_NO_CACHE_DIR off
	ENV PIP_DISABLE_PIP_VERSION_CHECK 1
	ENV DEBIAN_FRONTEND=noninteractive
	ENV LANG C.UTF-8
	ENV LC_ALL C.UTF-8

	# Set the working directory in the container
	WORKDIR /app

	# Install system dependencies
	RUN apt-get update && apt-get install -y --no-install-recommends \
	ffmpeg \
	imagemagick \
	git \
	fonts-dejavu-core \
	fonts-liberation \
	libgl1-mesa-glx \
	libglib2.0-0 \
	&& rm -rf /var/lib/apt/lists/*

	# Modify ImageMagick policy.xml
	RUN if [ -f /etc/ImageMagick-6/policy.xml ]; then \
	XML_FILE="/etc/ImageMagick-6/policy.xml"; \
	echo "INFO: Modifying ImageMagick policy at $XML_FILE (v6) for MoviePy compatibility." ; \
	elif [ -f /etc/ImageMagick-7/policy.xml ]; then \
	XML_FILE="/etc/ImageMagick-7/policy.xml"; \
	echo "INFO: Modifying ImageMagick policy at $XML_FILE (v7) for MoviePy compatibility." ; \
	else \
	XML_FILE=""; \
	echo "WARNING: ImageMagick policy.xml not found in /etc/ImageMagick-[67]/. MoviePy TextClip might fail." ; \
	fi && \
	if [ -n "$XML_FILE" ] && [ -f "$XML_FILE" ]; then \
	sed -i 's/<policy domain="path" rights="none" pattern="@\"\/>/<!-- <policy domain="path" rights="none" pattern="@\" \/> -->/' "$XML_FILE" && \
	sed -i 's/<policy domain="coder" rights="none" pattern="TEXT"\/>/<!-- <policy domain="coder" rights="none" pattern="TEXT" \/> -->/' "$XML_FILE" && \
	sed -i 's/<policy domain="coder" rights="none" pattern="LABEL"\/>/<!-- <policy domain="coder" rights="none" pattern="LABEL" \/> -->/' "$XML_FILE" && \
	sed -i 's/<policy domain="coder" rights="none" pattern="MVG"\/>/<!-- <policy domain="coder" rights="none" pattern="MVG" \/> -->/' "$XML_FILE" && \
	sed -i 's/<policy domain="coder" rights="none" pattern="MSL"\/>/<!-- <policy domain="coder" rights="none" pattern="MSL" \/> -->/' "$XML_FILE" && \
	sed -i 's/<policy domain="coder" rights="none" pattern="HTTPS"\/>/<!-- <policy domain="coder" rights="none" pattern="HTTPS" \/> -->/' "$XML_FILE" && \
	sed -i 's/<policy domain="coder" rights="none" pattern="HTTP"\/>/<!-- <policy domain="coder" rights="none" pattern="HTTP" \/> -->/' "$XML_FILE" && \
	echo "INFO: ImageMagick policy modifications applied to $XML_FILE." ; \
	fi

	# Create a non-root user and group
	RUN groupadd -r appgroup && useradd --no-log-init -r -g appgroup -u 1000 appuser
	# Create home directory structure for appuser, including .cache for pip
	RUN mkdir -p /home/appuser/.cache/pip && chown -R appuser:appgroup /home/appuser

	# Set Streamlit home directory to be writable by appuser
	# This directory will be created within /home/appuser, so appuser will own it.
	ENV STREAMLIT_HOME=/home/appuser/.streamlit
	# No need to mkdir/chown STREAMLIT_HOME here if appuser creates it at runtime,
	# or if we ensure /home/appuser is writable by appuser.
	# However, to be safe, especially if Streamlit tries to create it very early:
	RUN mkdir -p $STREAMLIT_HOME && chown -R appuser:appgroup $STREAMLIT_HOME

	# Copy the requirements file first
	COPY --chown=appuser:appgroup requirements.txt .

	# Install Python dependencies as the non-root user
	USER appuser
	RUN pip install --no-cache-dir --upgrade pip && \
	pip install --no-cache-dir -r requirements.txt

	# Switch back to root temporarily for copying application files and setting permissions
	USER root
	COPY . .
	RUN chown -R appuser:appgroup /app

	# Create runtime directories as root, then chown to appuser
	RUN mkdir -p /app/temp_cinegen_media && chown -R appuser:appgroup /app/temp_cinegen_media
	RUN mkdir -p /app/assets/fonts && chown -R appuser:appgroup /app/assets/fonts
	# Ensure custom fonts copied in assets/fonts are usable system-wide if needed by MoviePy's TextClip
	# This assumes your 'arial.ttf' (or other custom fonts) are in 'assets/fonts/' in your project.
	# If they are, copy them to a system font directory and update the font cache.
	# The VisualEngine also tries to load from 'assets/fonts/' directly via Pillow.
	RUN if [ -d "/app/assets/fonts" ] && [ "$(ls -A /app/assets/fonts)" ]; then \
	mkdir -p /usr/local/share/fonts/truetype/cinegen_custom && \
	cp /app/assets/fonts/.tf /usr/local/share/fonts/truetype/cinegen_custom/ 2>/dev/null \|\| true && \
	fc-cache -fv && \
	echo "INFO: Copied custom fonts and refreshed font cache."; \
	else \
	echo "INFO: No custom fonts found in /app/assets/fonts to copy system-wide." ; \
	fi

	# Switch to the non-root user for running the application
	USER appuser

	# Expose the port Streamlit runs on
	EXPOSE 8501

	# Define the command to run the application
	CMD ["streamlit", "run", "app.py", "--server.port=8501", "--server.address=0.0.0.0", "--global.sharingMode=off", "--client.gatherUsageStats=false"]