30 lines
732 B
Docker
30 lines
732 B
Docker
FROM python:3.12-slim
|
|
|
|
ENV PYTHONDONTWRITEBYTECODE=1 \
|
|
PYTHONUNBUFFERED=1
|
|
|
|
WORKDIR /app
|
|
|
|
RUN apt-get update \
|
|
&& apt-get install -y --no-install-recommends ca-certificates \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
COPY requirements.txt ./
|
|
RUN pip install --no-cache-dir -r requirements.txt
|
|
|
|
COPY server.py ./
|
|
COPY templates ./templates
|
|
COPY static ./static
|
|
|
|
RUN useradd -m appuser
|
|
|
|
# Ensure the mounted volume path is writable by the non-root user.
|
|
# (docker named volumes are typically owned by root by default)
|
|
RUN mkdir -p /data && chown -R appuser:appuser /data
|
|
|
|
USER appuser
|
|
|
|
EXPOSE 8000
|
|
|
|
CMD ["gunicorn", "-b", "0.0.0.0:8000", "server:app", "--workers", "2", "--threads", "4", "--access-logfile", "-", "--error-logfile", "-"]
|