FROM python:3.9-slim

# Create user with UID 1000
RUN useradd -m -u 1000 user

# Use writable cache location in user's home directory
ENV HF_HOME=/home/user/.cache/huggingface
ENV TRANSFORMERS_CACHE=/home/user/.cache/huggingface

# Create cache directory with proper permissions
RUN mkdir -p ${HF_HOME} && chown -R user:user /home/user

WORKDIR /app

# Install dependencies
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt gunicorn

# Copy application files
COPY --chown=user:user . .

USER user

EXPOSE 7860
CMD ["gunicorn", "--workers", "1", "--timeout", "300", "--bind", "0.0.0.0:7860", "api:app"]