Hugging Face's logo

Spaces:
hadadrjt
/
ai
Running

App Files Community
2
hadadrjt commited on
Commit
a9cbf62
·
1 Parent(s): baf80c1

ai: Switch to production-ready Docker setup.

Browse files
Files changed (1) hide show
  1. Dockerfile +34 -12
Dockerfile CHANGED
@@ -1,27 +1,49 @@
1
- # Use the latest personal Ubuntu image as the starting point
2
- FROM hadadrjt/ubuntu:latest
 
 
3
 
4
- # Set the user to root to have full permissions during build and runtime
5
- USER root
 
6
 
7
- # Set the working directory inside the container to /usr/src/app
8
- # All subsequent commands will be run in this directory
9
  WORKDIR /usr/src/app
10
 
11
- # Copy all files from the current directory on the host machine to the working directory in the container
 
12
  COPY . .
13
 
14
- # Install Python dependencies listed in requirements.txt without using cache to reduce image size
 
 
15
  RUN pip install --no-cache-dir -r requirements.txt
16
 
17
- # Expose port 7860 so that it can be accessed from outside the container
 
 
 
 
 
 
 
 
 
 
18
  EXPOSE 7860
19
 
20
- # Set an environment variable to configure the Gradio server to listen on all network interfaces
 
21
  ENV GRADIO_SERVER_NAME="0.0.0.0"
22
 
23
- # Clear any default entrypoint to allow CMD to run directly
 
 
 
 
 
24
  ENTRYPOINT []
25
 
26
- # Specify the default command to run the Python application when the container starts
27
  CMD ["python", "app.py"]
 
1
+ #
2
+ # SPDX-FileCopyrightText: Hadad <[email protected]>
3
+ # SPDX-License-Identifier: Apache-2.0
4
+ #
5
 
6
+ # Use the latest version of Ubuntu image from the specified
7
+ # Docker Hub repository, as the base image for this container.
8
+ FROM hadadrjt/ubuntu:latest
9
 
10
+ # Set the working directory inside the container to /usr/src/app.
11
+ # All subsequent instructions will operate from this path.
12
  WORKDIR /usr/src/app
13
 
14
+ # Copy all files and directories from the build context on the
15
+ # host machine into the working directory in the container.
16
  COPY . .
17
 
18
+ # Install all Python dependencies listed in requirements.txt.
19
+ # The --no-cache-dir flag ensures that pip does not store the
20
+ # downloaded packages, reducing image size.
21
  RUN pip install --no-cache-dir -r requirements.txt
22
 
23
+ # Create a new user named 'app' for running the
24
+ # application in production.
25
+ # Change ownership and permissions of the application directory.
26
+ # Lock the root account and restrict shell access.
27
+ RUN useradd -m app \
28
+ && chown -R app:app /usr/src/app \
29
+ && chmod -R u+rwX /usr/src/app \
30
+ && passwd -l root \
31
+ && usermod -s /usr/sbin/nologin root
32
+
33
+ # Expose port to allow external access to the Gradio application.
34
  EXPOSE 7860
35
 
36
+ # Set an environment variable so Gradio listens on all network
37
+ # interfaces, enabling external connections.
38
  ENV GRADIO_SERVER_NAME="0.0.0.0"
39
 
40
+ # Switch to the 'app' user for all subsequent instructions to
41
+ # enhance security and prevent running as root.
42
+ USER app
43
+
44
+ # Remove any default entrypoint to ensure only the CMD instruction is
45
+ # executed when the container starts.
46
  ENTRYPOINT []
47
 
48
+ # Define the default command to start the application.
49
  CMD ["python", "app.py"]