| # Builder stage | |
| FROM python:latest as builder | |
| # Create a non-root user and group | |
| RUN groupadd -r appuser && useradd -r -g appuser appuser | |
| # Set the working directory and grant permissions to the non-root user | |
| WORKDIR /srv | |
| RUN chown appuser:appuser /srv | |
| # Install dependencies and Python packages | |
| RUN apt-get update && apt-get install -y git ffmpeg aria2 \ | |
| && rm -rf /var/lib/apt/lists/* | |
| COPY requirements.txt . | |
| RUN pip install --no-cache-dir -r requirements.txt | |
| # Copy the application code | |
| COPY . /srv | |
| # Switch to the non-root user | |
| USER appuser | |
| # Define the command to run the application | |
| CMD uvicorn App.app:app --host 0.0.0.0 --port 7860 & celery -A App.Worker.celery worker -c 8 --loglevel=info | |
| # Expose the application port | |
| EXPOSE 7860 | |