| # Use Python 3.10 slim image for smaller size | |
| FROM python:3.10-slim | |
| # Set environment variables | |
| ENV PYTHONDONTWRITEBYTECODE=1 | |
| ENV PYTHONUNBUFFERED=1 | |
| ENV TRANSFORMERS_CACHE=/app/.cache | |
| ENV HF_HOME=/app/.cache | |
| # Install system dependencies | |
| RUN apt-get update && apt-get install -y --no-install-recommends \ | |
| ffmpeg \ | |
| git \ | |
| && rm -rf /var/lib/apt/lists/* | |
| # Create non-root user for security | |
| RUN useradd -m -u 1000 appuser | |
| # Set working directory | |
| WORKDIR /app | |
| # Copy requirements first (for Docker layer caching) | |
| COPY requirements.txt . | |
| # Install Python dependencies | |
| RUN pip install --no-cache-dir --upgrade pip && \ | |
| pip install --no-cache-dir -r requirements.txt | |
| # Copy application code | |
| COPY . . | |
| # Create cache directory with proper permissions | |
| RUN mkdir -p /app/.cache && chown -R appuser:appuser /app | |
| # Switch to non-root user | |
| USER appuser | |
| # Expose port (Hugging Face Spaces uses 7860) | |
| EXPOSE 7860 | |
| # Health check | |
| HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \ | |
| CMD python -c "import requests; requests.get('http://localhost:7860/api/health')" || exit 1 | |
| # Run with gunicorn for production | |
| # - timeout 600s for long model loading times | |
| # - workers 1 to save memory (models are heavy) | |
| # - threads 4 for concurrent requests | |
| CMD ["gunicorn", "--bind", "0.0.0.0:7860", "--timeout", "600", "--workers", "1", "--threads", "4", "app:app"] | |