Dockerfile

FROM python:3.10-slim

ENV PYTHONUNBUFFERED=1
ENV DEBIAN_FRONTEND=noninteractive

RUN apt-get update && \
    apt-get install -y --no-install-recommends \
        ffmpeg \
        libsm6 \
        libxext6 \
        fontconfig \
        imagemagick \
        ghostscript && \ # Often needed by ImageMagick for text/vector handling
    # Modify ImageMagick policy to be less restrictive for TextClip
    # This comments out common restrictive policies. Be aware of security implications if image content is user-supplied.
    # For a more targeted approach, identify the exact policy causing the block.
    # Common paths for policy.xml: /etc/ImageMagick-6/policy.xml or /etc/ImageMagick/policy.xml
    # The path might vary based on ImageMagick version (e.g., ImageMagick-6 or ImageMagick-7)
    # First, find the policy file path
    ( \
        POLICY_FILE=$(find /etc/ImageMagick* -name policy.xml | head -n 1) && \
        if [ -f "$POLICY_FILE" ]; then \
            echo "INFO: Modifying ImageMagick policy file: $POLICY_FILE"; \
            sed -i 's/<policy domain="coder" rights="none" pattern="PS" \/>/<!-- <policy domain="coder" rights="none" pattern="PS" \/> -->/' "$POLICY_FILE"; \
            sed -i 's/<policy domain="coder" rights="none" pattern="PS2" \/>/<!-- <policy domain="coder" rights="none" pattern="PS2" \/> -->/' "$POLICY_FILE"; \
            sed -i 's/<policy domain="coder" rights="none" pattern="PS3" \/>/<!-- <policy domain="coder" rights="none" pattern="PS3" \/> -->/' "$POLICY_FILE"; \
            sed -i 's/<policy domain="coder" rights="none" pattern="EPS" \/>/<!-- <policy domain="coder" rights="none" pattern="EPS" \/> -->/' "$POLICY_FILE"; \
            sed -i 's/<policy domain="coder" rights="none" pattern="PDF" \/>/<!-- <policy domain="coder" rights="none" pattern="PDF" \/> -->/' "$POLICY_FILE"; \
            sed -i 's/<policy domain="coder" rights="none" pattern="XPS" \/>/<!-- <policy domain="coder" rights="none" pattern="XPS" \/> -->/' "$POLICY_FILE"; \
            sed -i 's/<policy domain="coder" rights="none" pattern="LABEL" \/>/<!-- <policy domain="coder" rights="none" pattern="LABEL" \/> -->/' "$POLICY_FILE"; \
            sed -i 's/<policy domain="coder" rights="none" pattern="TEXT" \/>/<!-- <policy domain="coder" rights="none" pattern="TEXT" \/> -->/' "$POLICY_FILE"; \
            sed -i 's/<policy domain="path" rights="none" pattern="@*" \/>/<!-- <policy domain="path" rights="none" pattern="@*" \/> -->/' "$POLICY_FILE"; \
            echo "INFO: ImageMagick policy potentially updated."; \
        else \
            echo "WARNING: ImageMagick policy.xml not found. TextClip might fail."; \
        fi \
    ) && \
    apt-get clean && \
    rm -rf /var/lib/apt/lists/*

# Create directory for custom fonts and copy your font file(s)
RUN mkdir -p /usr/local/share/fonts/truetype/mycustomfonts
COPY assets/fonts/arial.ttf /usr/local/share/fonts/truetype/mycustomfonts/arial.ttf 

# Rebuild font cache AFTER copying fonts
RUN fc-cache -f -s -v

# Create a non-root user and group
ARG APP_USER_UID=1000
ARG APP_USER_GID=1000
RUN groupadd --gid $APP_USER_GID appgroup && \
    useradd --uid $APP_USER_UID --gid appgroup --shell /bin/bash --create-home appuser

WORKDIR /home/appuser/app
COPY --chown=appuser:appgroup requirements.txt ./

USER appuser
ENV PATH="/home/appuser/.local/bin:${PATH}" 

RUN python -m pip install --no-cache-dir --upgrade pip
RUN python -m pip install --no-cache-dir -r requirements.txt

COPY --chown=appuser:appgroup . .

EXPOSE 8501
CMD ["streamlit", "run", "app.py", "--server.headless=true", "--server.port=8501", "--server.fileWatcherType=none"]