Dockerfile

FROM python:3.11

# Create and use a non-root user
RUN useradd -ms /bin/bash appuser

# Set working directory for the application
WORKDIR /app

# Copy only the necessary files first for better cache utilization
COPY requirements.txt /app/requirements.txt

# Install system dependencies and clean up in a single RUN step to reduce layers
RUN apt-get update -y && apt-get upgrade -y \
    && apt-get install -y \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

# Install Python dependencies from the requirements file
RUN pip3 install --no-cache-dir --upgrade -r requirements.txt

# Copy the rest of the application code after installing dependencies for better cache
COPY . /app

FROM nginx:alpine

COPY --from=builder /app /app

COPY nginx.conf /etc/nginx/conf.d/default.conf

# Create a non-root user and group
#RUN addgroup -S appgroup && adduser -S appuser -G appgroup
RUN addgroup appgroup && adduser -G appgroup appuser

WORKDIR /app

RUN chown -R appuser:appgroup /app

USER appuser

EXPOSE 7860

# Start Nginx and the AIOHTTP app
CMD ["sh", "-c", "python -u -m FileStream & nginx -g 'daemon off;'"]

# Set ownership and permissions for the app directory
#RUN chown -R admin:admin /app && chmod -R 777 /app

# Switch to the non-root user for better security
#USER admin

# Expose the port the application will run on
#EXPOSE 7860

# Command to run the application
#CMD ["python", "-u", "-m", "FileStream"]