File size: 4,385 Bytes
af8f89c 2a8928d 10b70a9 6a0246e af8f89c 10b70a9 6a0246e 10b70a9 e8816ce 2a8928d af8f89c 2a8928d af8f89c 6a0246e 2a8928d af8f89c f4be5ea e8816ce af8f89c 6db1678 af8f89c 6db1678 af8f89c e8816ce af8f89c 6db1678 af8f89c 111ba62 e8816ce 6a0246e e8816ce 2a8928d 6a0246e 8f7a7a3 e8816ce 0f0f717 8f7a7a3 e8816ce 8f7a7a3 6a0246e 2a8928d cd06c05 e8816ce cd06c05 264ac69 8f7a7a3 e8816ce 8f7a7a3 e8816ce 262b6c2 8f7a7a3 262b6c2 e8816ce 8f7a7a3 e8816ce 8f7a7a3 5e1192b af8f89c 5afbe18 af8f89c 7b05b4e |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 |
# Use an official Python runtime as a parent image
FROM python:3.10-slim-bullseye # Using -slim, not -slim-bullseye for broader compatibility initially
# Set environment variables for Python, pip, and locale
ENV PYTHONUNBUFFERED 1
ENV PYTHONDONTWRITEBYTECODE 1
ENV PIP_NO_CACHE_DIR off
ENV PIP_DISABLE_PIP_VERSION_CHECK 1
ENV DEBIAN_FRONTEND=noninteractive
ENV LANG C.UTF-8
ENV LC_ALL C.UTF-8
# Install system dependencies (as root)
# Added build-essential for packages that might need to compile C code
# Added libffi-dev (often needed by cryptography, a common sub-dependency)
RUN apt-get update && apt-get install -y --no-install-recommends \
ffmpeg \
imagemagick \
git \
build-essential \
libffi-dev \
fonts-dejavu-core \
fonts-liberation \
libgl1-mesa-glx \
libglib2.0-0 \
curl \
&& rm -rf /var/lib/apt/lists/*
# Modify ImageMagick policy.xml (as root)
RUN if [ -f /etc/ImageMagick-6/policy.xml ]; then \
XML_FILE="/etc/ImageMagick-6/policy.xml"; \
echo "INFO: Modifying ImageMagick policy at $XML_FILE (v6) for MoviePy compatibility." ; \
elif [ -f /etc/ImageMagick-7/policy.xml ]; then \
XML_FILE="/etc/ImageMagick-7/policy.xml"; \
echo "INFO: Modifying ImageMagick policy at $XML_FILE (v7) for MoviePy compatibility." ; \
else \
XML_FILE=""; \
echo "WARNING: ImageMagick policy.xml not found. MoviePy TextClip might fail." ; \
fi && \
if [ -n "$XML_FILE" ] && [ -f "$XML_FILE" ]; then \
sed -i 's/<policy domain="path" rights="none" pattern="@\*"\/>/<!-- <policy domain="path" rights="none" pattern="@\*" \/> -->/' "$XML_FILE" && \
sed -i 's/<policy domain="coder" rights="none" pattern="TEXT"\/>/<!-- <policy domain="coder" rights="none" pattern="TEXT" \/> -->/' "$XML_FILE" && \
sed -i 's/<policy domain="coder" rights="none" pattern="LABEL"\/>/<!-- <policy domain="coder" rights="none" pattern="LABEL" \/> -->/' "$XML_FILE" && \
sed -i 's/<policy domain="coder" rights="none" pattern="MVG"\/>/<!-- <policy domain="coder" rights="none" pattern="MVG" \/> -->/' "$XML_FILE" && \
sed -i 's/<policy domain="coder" rights="none" pattern="MSL"\/>/<!-- <policy domain="coder" rights="none" pattern="MSL" \/> -->/' "$XML_FILE" && \
sed -i 's/<policy domain="coder" rights="none" pattern="HTTPS"\/>/<!-- <policy domain="coder" rights="none" pattern="HTTPS" \/> -->/' "$XML_FILE" && \
sed -i 's/<policy domain="coder" rights="none" pattern="HTTP"\/>/<!-- <policy domain="coder" rights="none" pattern="HTTP" \/> -->/' "$XML_FILE" && \
echo "INFO: ImageMagick policy modifications applied to $XML_FILE." ; \
fi
# Create a non-root user and group, create home, .cache, and .streamlit dirs
RUN groupadd -r appgroup --gid 1000 && \
useradd --no-log-init -r -g appgroup -u 1000 --create-home --shell /bin/bash appuser && \
mkdir -p /home/appuser/.cache/pip && \
mkdir -p /home/appuser/.streamlit && \
chown -R appuser:appgroup /home/appuser
# Set Streamlit home directory (already created and chowned)
ENV STREAMLIT_HOME=/home/appuser/.streamlit
ENV BROWSER_GATHERUSAGEDATA=false
# Set the working directory in the container
WORKDIR /app
# Copy requirements.txt
COPY --chown=appuser:appgroup requirements.txt .
# Install Python dependencies as the non-root user
USER appuser
RUN pip install --no-cache-dir --upgrade pip && \
echo "Attempting to install packages from requirements.txt" && \
pip install --user --no-cache-dir -r requirements.txt && \
echo "Attempting to install streamlit-sortable from GitHub" && \
pip install --user --no-cache-dir git+https://github.com/okld/streamlit-sortable.git
# Add user's local bin to PATH
ENV PATH="/home/appuser/.local/bin:${PATH}"
# Switch back to root temporarily for copying application files and setting permissions
USER root
COPY . .
RUN chown -R appuser:appgroup /app
# Create runtime directories as appuser (now that /app is owned by appuser)
USER appuser
RUN mkdir -p /app/temp_cinegen_media
RUN mkdir -p /app/assets/fonts
# (Optional: System-wide font copy block, commented out as before, only if needed)
# Expose the port Streamlit runs on
EXPOSE 8501
# Define the command to run the application
CMD ["streamlit", "run", "app.py", "--server.port=8501", "--server.address=0.0.0.0", "--browser.gatherUsageStats=false"] |