Spaces:
Running
Running
| FROM python:3.11-slim | |
| # Install system dependencies with security updates | |
| RUN apt-get update && apt-get install -y \ | |
| curl \ | |
| && apt-get upgrade -y \ | |
| && apt-get clean \ | |
| && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* | |
| # Create non-root user for security | |
| RUN groupadd -r appuser && useradd -r -g appuser -m appuser | |
| # Set working directory | |
| WORKDIR /app | |
| # Copy requirements and install Python packages | |
| COPY requirements.txt . | |
| RUN pip3 install --no-cache-dir --upgrade pip && \ | |
| pip3 install --no-cache-dir -r requirements.txt | |
| # Copy FastAPI application | |
| COPY app.py . | |
| # Create logs directory and change ownership | |
| RUN mkdir -p /app/logs && \ | |
| chown -R appuser:appuser /app | |
| # Set environment variables | |
| ENV HOME=/home/appuser | |
| # Switch to non-root user | |
| USER appuser | |
| # Expose port | |
| EXPOSE 7860 | |
| # Health check | |
| HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \ | |
| CMD curl -f http://localhost:7860/health || exit 1 | |
| # Start FastAPI application | |
| CMD ["python3", "-m", "uvicorn", "app:app", "--host", "0.0.0.0", "--port", "7860"] |