Spaces:
Running
Running
| # syntax=docker/dockerfile:1.3 | |
| ARG PYTHON_VERSION=3.12-slim-bullseye | |
| FROM python:${PYTHON_VERSION} | |
| ENV PYTHONDONTWRITEBYTECODE 1 | |
| ENV PYTHONUNBUFFERED 1 | |
| # Install dependencies | |
| RUN apt-get update && apt-get install -y \ | |
| libpq-dev \ | |
| gcc \ | |
| g++ \ | |
| wget \ | |
| unzip \ | |
| xvfb \ | |
| libxi6 \ | |
| libgconf-2-4 \ | |
| gnupg \ | |
| curl \ | |
| && rm -rf /var/lib/apt/lists/* | |
| # Install Chrome | |
| RUN wget -q -O - https://dl.google.com/linux/linux_signing_key.pub | apt-key add - \ | |
| && echo "deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main" > /etc/apt/sources.list.d/google-chrome.list \ | |
| && apt-get update \ | |
| && apt-get install -y google-chrome-stable | |
| # Install ChromeDriver | |
| RUN CHROMEDRIVER_VERSION=$(curl -sS chromedriver.storage.googleapis.com/LATEST_RELEASE) \ | |
| && wget -O /tmp/chromedriver.zip http://chromedriver.storage.googleapis.com/$CHROMEDRIVER_VERSION/chromedriver_linux64.zip \ | |
| && unzip /tmp/chromedriver.zip chromedriver -d /usr/local/bin/ | |
| RUN useradd -m -u 1000 user | |
| USER user | |
| ENV PATH="/home/user/.local/bin:$PATH" | |
| # Install Python dependencies | |
| COPY --chown=user requirements.txt /tmp/requirements.txt | |
| RUN pip install --no-cache-dir --upgrade pip \ | |
| && pip install --no-cache-dir -r /tmp/requirements.txt | |
| # Copy application code | |
| COPY --chown=user . /code | |
| WORKDIR /code | |
| USER root | |
| # Use secrets during build | |
| RUN mkdir -p /secrets | |
| RUN --mount=type=secret,id=HOST,required=true \ | |
| --mount=type=secret,id=DJANGO_SECRET,required=true \ | |
| --mount=type=secret,id=SECURE_TOKEN,required=true \ | |
| --mount=type=secret,id=WORKER_TOKEN,required=true \ | |
| --mount=type=secret,id=CLOUDFLARE_TURNSTILE_SECRET,required=true \ | |
| --mount=type=secret,id=REDIS_URL,required=true \ | |
| bash -c 'cp -r /run/secrets/* /secrets/' | |
| RUN chown -R user:user /secrets | |
| USER user | |
| RUN bash -c 'export HOST=$(cat /secrets/HOST) && \ | |
| export DJANGO_SECRET=$(cat /secrets/DJANGO_SECRET) && \ | |
| export SECURE_TOKEN=$(cat /secrets/SECURE_TOKEN) && \ | |
| export WORKER_TOKEN=$(cat /secrets/WORKER_TOKEN) && \ | |
| export CLOUDFLARE_TURNSTILE_SECRET=$(cat /secrets/CLOUDFLARE_TURNSTILE_SECRET) && \ | |
| export REDIS_URL=$(cat /secrets/REDIS_URL) && \ | |
| python manage.py makemigrations && \ | |
| python manage.py migrate --database=default && \ | |
| python manage.py migrate --database=cache && \ | |
| python manage.py migrate --database=DB1 && \ | |
| python manage.py migrate --database=DB2' | |
| USER root | |
| RUN rm -rf /secrets | |
| USER user | |
| CMD ["uvicorn", "core.asgi:application", "--host", "0.0.0.0", "--port", "7860", "--log-level", "debug"] | |