Update Dockerfile

Dockerfile

@@ -8,15 +8,18 @@ RUN apk update && apk add --no-cache \
     python3 \
     py3-pip \
     sqlite \
-    && pip3 install flask werkzeug --break-system-packages
-
-# Setup directories within /app
-RUN mkdir -p /app/admin/{templates,static} \
+    && pip3 install flask werkzeug \
+    && mkdir -p /var/lib/nginx/tmp \
+    && chown -R nginx:nginx /var/lib/nginx \
+    && chmod -R 770 /var/lib/nginx \
+    && mkdir -p /app/admin/{templates,static} \
     && mkdir -p /app/data \
+    && chown -R 1000:1000 /app \
+    && chmod -R 777 /app/uploads/temp \
     && chmod -R 777 /app/client/public/images \
     && chmod -R 777 /app/api/logs
 
-# ===== Integrated Admin Panel =====
+# ===== Admin Panel =====
 COPY <<"EOF" /app/admin/app.py
 from flask import Flask, request, jsonify, render_template
 import os
@@ -27,9 +30,16 @@ from pathlib import Path
 app = Flask(__name__, 
            template_folder=str(Path(__file__).parent/'templates'),
            static_folder=str(Path(__file__).parent/'static'))
+
+# Validate secrets
+required_secrets = ['FLASK_SECRET', 'SUDO_SECRET']
+for secret in required_secrets:
+    if not os.getenv(secret):
+        raise RuntimeError(f"Missing required secret: {secret}")
+
 app.secret_key = os.getenv("FLASK_SECRET")
 
-# SQLite in /app/data (ephemeral in free HF Spaces)
+# SQLite database
 DB_PATH = '/app/data/admin.db'
 
 def get_db():
@@ -79,6 +89,19 @@ def list_users():
     return jsonify([
         {"username": row[0]} for row in db.execute("SELECT username FROM users")
     ])
+
+@app.route('/sudo/remove_user', methods=['POST'])
+def remove_user():
+    if request.headers.get('X-Sudo-Secret') != os.getenv("SUDO_SECRET"):
+        return jsonify({"error": "Unauthorized"}), 403
+    
+    db = get_db()
+    db.execute("DELETE FROM users WHERE username=?", [request.json["username"]])
+    db.commit()
+    return jsonify({"status": "User removed"})
+
+if __name__ == "__main__":
+    app.run(host="0.0.0.0", port=5000)
 EOF
 
 # Admin templates
@@ -163,7 +186,6 @@ button {
 }
 EOF
 
-# Properly escaped JavaScript
 COPY <<"EOF" /app/admin/static/admin.js
 async function loadUsers() {
     const response = await fetch('/sudo/list_users', {
@@ -212,47 +234,53 @@ document.getElementById('addUserForm').addEventListener('submit', async (e) => {
 });
 
 document.addEventListener('DOMContentLoaded', () => {
-    if (!localStorage.getItem('sudo_token') && !window.location.pathname.includes('login')) {
+    const token = localStorage.getItem('sudo_token');
+    if (!token && !window.location.pathname.includes('login')) {
         window.location.href = '/sudo';
+    } else if (token) {
+        loadUsers();
     }
-    loadUsers();
 });
 EOF
 
-# Add delete endpoint to app.py
-RUN echo '@app.route("/sudo/remove_user", methods=["POST"])' >> /app/admin/app.py
-RUN echo 'def remove_user():' >> /app/admin/app.py
-RUN echo '    if request.headers.get("X-Sudo-Secret") != os.getenv("SUDO_SECRET"):' >> /app/admin/app.py
-RUN echo '        return jsonify({"error": "Unauthorized"}), 403' >> /app/admin/app.py
-RUN echo '    db = get_db()' >> /app/admin/app.py
-RUN echo '    db.execute("DELETE FROM users WHERE username=?", [request.json["username"]])' >> /app/admin/app.py
-RUN echo '    db.commit()' >> /app/admin/app.py
-RUN echo '    return jsonify({"status": "User removed"})' >> /app/admin/app.py
-
 # NGINX Configuration
 COPY <<"EOF" /etc/nginx/nginx.conf
-events { worker_connections 1024; }
+user nginx;
+worker_processes auto;
+
+events {
+    worker_connections 1024;
+}
+
 http {
+    include /etc/nginx/mime.types;
+    default_type application/octet-stream;
+    sendfile on;
+    keepalive_timeout 65;
+    client_max_body_size 20M;
+
     server {
         listen 7860;
-        
-        # LibreChat API
+        server_name localhost;
+
         location / {
             proxy_pass http://localhost:3080;
             proxy_set_header Host \$host;
             proxy_set_header X-Real-IP \$remote_addr;
+            proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
         }
-        
-        # Admin Panel
+
         location /sudo {
             proxy_pass http://localhost:5000;
             proxy_set_header X-Sudo-Secret \$http_x_sudo_secret;
         }
-        
-        # Static files
+
         location /static {
             alias /app/admin/static;
         }
+
+        access_log /dev/stdout;
+        error_log /dev/stderr;
     }
 }
 EOF
@@ -260,8 +288,12 @@ EOF
 # Startup script
 COPY <<"EOF" /start.sh
 #!/bin/sh
-# Start LibreChat
-cd /app/api && npm run backend &
+# Fix permissions
+chown -R nginx:nginx /var/lib/nginx
+chmod -R 770 /var/lib/nginx
+
+# Start LibreChat (using the correct command)
+cd /app && npm run start:backend &
 
 # Start Admin Panel
 cd /app/admin && python3 app.py &