Dockerfile

FROM alpine:latest

# Install system dependencies
RUN apk update && apk upgrade && \
    apk add --no-cache nginx python3 python3-dev py3-pip build-base libffi-dev openssl-dev shadow gcc musl-dev ca-certificates openrc

# Create a group and user
#RUN addgroup -S appgroup && adduser -S appuser -G appgroup
RUN adduser -D -g 'user' user

# Remove sudoers entries (highly recommended)
#RUN echo "appuser ALL=(ALL:ALL) ALL" >> /etc/sudoers
#RUN echo "nginx ALL=(ALL:ALL) ALL" >> /etc/sudoers

# Set working directory
WORKDIR /app

# Copy requirements and install in ONE combined RUN command
COPY requirements.txt /app/
RUN python3 -m venv /app/venv && \
    /app/venv/bin/pip install --no-cache-dir --upgrade pip && \
    /app/venv/bin/pip install --no-cache-dir -r requirements.txt && \
    /app/venv/bin/pip list 
    # Verify installation WITHIN THE SAME RUN COMMAND

# Copy the rest of the application code
COPY . /app

# Copy Nginx config
COPY www.privateone-teleapi.hf.space.conf /etc/nginx/conf.d/www.privateone-teleapi.hf.space.conf

# Create necessary directories and set correct permissions (fix ownership)
RUN mkdir -p /var/www/html /var/log/nginx /run/nginx && \
    chown -R nginx:nginx /var/lib/nginx /var/log/nginx /run/nginx && \
    chown -R user:user /app /var/www/html /var/lib/nginx  && chmod -R 777 /app

# Remove the user directive from the main nginx.conf (not needed)
#RUN sed -i '/^user /d' /etc/nginx/nginx.conf

# Print the configuration files to the console (good addition)
RUN cat /etc/nginx/nginx.conf && echo "--------------------" 
# && cat /etc/nginx/conf.d/default.conf 

# Switch to non-root user
USER appuser

# Start Nginx and your application (using exec and the correct Python path)
CMD ["sh", "-c", "rc-service nginx -s reload && exec /app/venv/bin/python -u -m FileStream"]