# Use an official Python runtime as a parent image FROM python:3.9 # Install system dependencies required by OpenCV RUN apt-get update && apt-get install -y \ libgl1-mesa-glx \ && rm -rf /var/lib/apt/lists/* # Create a non-root user with a specified user ID RUN useradd -m -u 1000 user # Set environment variables for the non-root user ENV HOME=/home/user \ PATH=/home/user/.local/bin:$PATH \ NAME=EduConnect \ EC_ADMIN_PWD='$2b$12$wGncNhE7OVmsb7TKFuNPKuJfKOIKdGtw302VMDJbAPrHrY73jqID.' # Set the non-root user's home directory as the working directory WORKDIR $HOME # Create the /home/user/data directory and ensure it has the correct permissions RUN mkdir -p ./data && chown user:user ./data # Change to the non-root user USER user # Set the working directory to where the application files will be located WORKDIR $HOME/app # Copy only the requirements.txt first to leverage Docker cache COPY --chown=user:user requirements.txt ./ # Install any needed packages specified in requirements.txt # As the non-root user, ensure packages are installed to the user's home directory RUN pip install --no-cache-dir --user -r requirements.txt # Copy the rest of the application files into the container COPY --chown=user:user . . # Make port 7860 available to the world outside this container EXPOSE 7860 # Indicate that a volume is expected at /home/user/data # This directory is intended for persistent storage VOLUME /home/user/data # Run the FastAPI application using Uvicorn, binding to port 7860 CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "7860"]