37 lines
1.1 KiB
Docker
37 lines
1.1 KiB
Docker
# --- Base image ---
|
|
FROM python:3.12-slim
|
|
|
|
# --- Environment variables ---
|
|
ENV PYTHONDONTWRITEBYTECODE=1
|
|
ENV PYTHONUNBUFFERED=1
|
|
|
|
# --- Set working directory ---
|
|
WORKDIR /cost-assistant
|
|
|
|
# --- Install system dependencies (minimal for OpenCV, Poppler, PDF/image handling) ---
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
libgl1 \
|
|
libglib2.0-0 \
|
|
poppler-utils \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
# --- Copy requirements and install Python dependencies ---
|
|
COPY requirements.txt .
|
|
RUN python -m pip install --no-cache-dir -r requirements.txt
|
|
|
|
# --- Copy project files ---
|
|
COPY . .
|
|
|
|
# --- Create upload folder and set permissions ---
|
|
RUN mkdir -p data/uploads \
|
|
&& groupadd -r appuser && useradd -r -g appuser appuser \
|
|
&& chown -R appuser:appuser data/uploads
|
|
|
|
# --- Switch to non-root user for security ---
|
|
USER appuser
|
|
|
|
# --- Expose internal port (optional, handled via Docker Compose) ---
|
|
EXPOSE 8000
|
|
|
|
# --- Run Gunicorn with Uvicorn worker for production ---
|
|
CMD ["gunicorn", "main:app", "-k", "uvicorn.workers.UvicornWorker", "--bind", "0.0.0.0:8000", "--workers", "4", "--timeout", "120"]
|