Spaces:
Sleeping
Sleeping
Commit
·
dc99ae6
1
Parent(s):
3c1d78b
update: dockerfile ffmpeg permission
Browse files- Dockerfile +18 -15
Dockerfile
CHANGED
|
@@ -3,6 +3,10 @@ FROM ubuntu:22.04
|
|
| 3 |
# Prevent interactive prompts during installation
|
| 4 |
ENV DEBIAN_FRONTEND=noninteractive
|
| 5 |
|
|
|
|
|
|
|
|
|
|
|
|
|
| 6 |
# Install system dependencies
|
| 7 |
RUN apt-get update && apt-get install -y \
|
| 8 |
software-properties-common && \
|
|
@@ -16,12 +20,13 @@ RUN apt-get update && apt-get install -y \
|
|
| 16 |
|
| 17 |
# Create directories with proper permissions
|
| 18 |
WORKDIR /app
|
| 19 |
-
RUN mkdir -p /app/resources/{temp_video,audio,fonts,intro} \
|
| 20 |
-
|
| 21 |
-
|
| 22 |
-
|
| 23 |
-
|
| 24 |
-
|
|
|
|
| 25 |
|
| 26 |
# Copy and install requirements
|
| 27 |
COPY requirements.txt .
|
|
@@ -30,7 +35,7 @@ RUN pip3 install -r requirements.txt
|
|
| 30 |
# Copy application code
|
| 31 |
COPY . .
|
| 32 |
|
| 33 |
-
# Configure ImageMagick
|
| 34 |
RUN mv /etc/ImageMagick-6/policy.xml /etc/ImageMagick-6/policy.xml.bak || true
|
| 35 |
RUN echo '<policymap> \
|
| 36 |
<policy domain="resource" name="memory" value="512MiB"/> \
|
|
@@ -39,18 +44,16 @@ RUN echo '<policymap> \
|
|
| 39 |
<policy domain="resource" name="height" value="16KP"/> \
|
| 40 |
<policy domain="resource" name="area" value="256MB"/> \
|
| 41 |
<policy domain="resource" name="disk" value="2GiB"/> \
|
| 42 |
-
<policy domain="delegate" rights="none" pattern="URL" /> \
|
| 43 |
-
<policy domain="delegate" rights="none" pattern="HTTPS" /> \
|
| 44 |
-
<policy domain="delegate" rights="none" pattern="HTTP" /> \
|
| 45 |
<policy domain="path" rights="read|write" pattern="@*"/> \
|
|
|
|
| 46 |
</policymap>' > /etc/ImageMagick-6/policy.xml
|
| 47 |
|
| 48 |
-
# Set proper permissions
|
| 49 |
-
RUN chown -R nobody:nogroup /app \
|
| 50 |
-
|
| 51 |
-
|
| 52 |
|
| 53 |
-
#
|
| 54 |
USER nobody
|
| 55 |
|
| 56 |
EXPOSE 7860
|
|
|
|
| 3 |
# Prevent interactive prompts during installation
|
| 4 |
ENV DEBIAN_FRONTEND=noninteractive
|
| 5 |
|
| 6 |
+
# Set environment variables for MoviePy
|
| 7 |
+
ENV IMAGEMAGICK_BINARY=/usr/bin/convert
|
| 8 |
+
ENV IMAGEIO_FFMPEG_EXE=/usr/bin/ffmpeg
|
| 9 |
+
|
| 10 |
# Install system dependencies
|
| 11 |
RUN apt-get update && apt-get install -y \
|
| 12 |
software-properties-common && \
|
|
|
|
| 20 |
|
| 21 |
# Create directories with proper permissions
|
| 22 |
WORKDIR /app
|
| 23 |
+
RUN mkdir -p /app/resources/{temp_video,audio,fonts,intro} && \
|
| 24 |
+
mkdir -p /tmp/moviepy && \
|
| 25 |
+
mkdir -p /tmp/audio_temp && \
|
| 26 |
+
chmod -R 777 /app/resources && \
|
| 27 |
+
chmod -R 777 /tmp/moviepy && \
|
| 28 |
+
chmod -R 777 /tmp/audio_temp && \
|
| 29 |
+
chmod -R 777 /tmp
|
| 30 |
|
| 31 |
# Copy and install requirements
|
| 32 |
COPY requirements.txt .
|
|
|
|
| 35 |
# Copy application code
|
| 36 |
COPY . .
|
| 37 |
|
| 38 |
+
# Configure ImageMagick with more permissive policy
|
| 39 |
RUN mv /etc/ImageMagick-6/policy.xml /etc/ImageMagick-6/policy.xml.bak || true
|
| 40 |
RUN echo '<policymap> \
|
| 41 |
<policy domain="resource" name="memory" value="512MiB"/> \
|
|
|
|
| 44 |
<policy domain="resource" name="height" value="16KP"/> \
|
| 45 |
<policy domain="resource" name="area" value="256MB"/> \
|
| 46 |
<policy domain="resource" name="disk" value="2GiB"/> \
|
|
|
|
|
|
|
|
|
|
| 47 |
<policy domain="path" rights="read|write" pattern="@*"/> \
|
| 48 |
+
<policy domain="path" rights="read|write" pattern="/tmp/*"/> \
|
| 49 |
</policymap>' > /etc/ImageMagick-6/policy.xml
|
| 50 |
|
| 51 |
+
# Set proper permissions for the entire application
|
| 52 |
+
RUN chown -R nobody:nogroup /app && \
|
| 53 |
+
chmod -R 755 /app && \
|
| 54 |
+
chmod -R 777 /tmp
|
| 55 |
|
| 56 |
+
# Switch to non-root user
|
| 57 |
USER nobody
|
| 58 |
|
| 59 |
EXPOSE 7860
|