Hugging Face's logo

Spaces:
devusman
/
ffmpeg
Sleeping

App Files Community
devusman commited on
Commit
ada642d
·
1 Parent(s): 2267503

updated dockerfile

Browse files
Files changed (1) hide show
  1. Dockerfile +26 -13
Dockerfile CHANGED
@@ -1,29 +1,42 @@
1
  # Use a lightweight Python image
2
  FROM python:3.11-slim
3
 
4
- # Install ffmpeg (needed by yt-dlp) and git
5
- RUN apt-get update && apt-get install -y \
6
  ffmpeg \
7
  git \
8
  && rm -rf /var/lib/apt/lists/*
9
 
10
- # Set working directory
11
- WORKDIR /app
 
 
12
 
13
- # Copy requirements first to leverage Docker cache
14
- COPY requirements.txt .
15
 
16
- # Install dependencies
17
- # Ensure gunicorn and gevent are included in your requirements.txt
18
- RUN pip install --no-cache-dir -r requirements.txt
19
 
20
- # Copy project files
21
- COPY . .
 
 
 
 
 
 
 
 
 
 
 
 
22
 
23
  # Expose the port the app will run on. Hugging Face Spaces typically use 7860.
24
  EXPOSE 7860
25
 
26
  # Start the Flask app using Gunicorn.
27
- # Hugging Face Spaces automatically sets the PORT environment variable.
28
- # We bind to 0.0.0.0 and the port specified by the PORT env var, with a fallback to 7860.
29
  CMD ["gunicorn", "--worker-class", "gevent", "--timeout", "3600", "--bind", "0.0.0.0:7860", "app:app"]
 
1
  # Use a lightweight Python image
2
  FROM python:3.11-slim
3
 
4
+ # Install system dependencies like ffmpeg and git as the root user
5
+ RUN apt-get update && apt-get install -y --no-install-recommends \
6
  ffmpeg \
7
  git \
8
  && rm -rf /var/lib/apt/lists/*
9
 
10
+ # Create a dedicated, non-root user for security.
11
+ # Hugging Face and other platforms run containers as a user like this.
12
+ RUN useradd -m -u 1000 user
13
+ ENV HOME=/home/user
14
 
15
+ # Set the working directory inside the new user's home directory
16
+ WORKDIR $HOME/app
17
 
18
+ # Copy the requirements file and set its ownership to the new user.
19
+ # This helps with Docker's layer caching.
20
+ COPY --chown=user:user requirements.txt .
21
 
22
+ # Switch from the root user to the non-root user
23
+ USER user
24
+
25
+ # Install Python dependencies into the user's home directory
26
+ # This avoids any permission issues with system-wide package installation.
27
+ RUN pip install --no-cache-dir --user -r requirements.txt
28
+
29
+ # Add the user's local bin directory to the system's PATH.
30
+ # This is crucial so that executables installed by pip (like gunicorn) can be found.
31
+ ENV PATH="$HOME/.local/bin:$PATH"
32
+
33
+ # Copy the rest of the project files, ensuring they are also owned by the user.
34
+ # This is what fixes the "Permission denied: 'cookies.txt'" error.
35
+ COPY --chown=user:user . .
36
 
37
  # Expose the port the app will run on. Hugging Face Spaces typically use 7860.
38
  EXPOSE 7860
39
 
40
  # Start the Flask app using Gunicorn.
41
+ # Binding to 0.0.0.0 makes it accessible from outside the container.
 
42
  CMD ["gunicorn", "--worker-class", "gevent", "--timeout", "3600", "--bind", "0.0.0.0:7860", "app:app"]