Spaces:

mgbam
/

CingenAI

Running

App Files Files Community

CingenAI / Dockerfile

mgbam

Update Dockerfile

6a0246e verified 6 days ago

raw

history blame

4.51 kB

	# Use an official Python runtime as a parent image
	FROM python:3.10-slim-bullseye

	# Set environment variables for Python, pip, and locale
	ENV PYTHONUNBUFFERED 1
	ENV PYTHONDONTWRITEBYTECODE 1
	ENV PIP_NO_CACHE_DIR off
	ENV PIP_DISABLE_PIP_VERSION_CHECK 1
	ENV DEBIAN_FRONTEND=noninteractive
	# Set a UTF-8 locale to prevent potential encoding issues with filenames or text processing
	ENV LANG C.UTF-8
	ENV LC_ALL C.UTF-8

	# Set the working directory in the container
	WORKDIR /app

	# Install system dependencies
	# - ffmpeg for MoviePy audio/video processing
	# - imagemagick for MoviePy TextClip and other image operations (ensure it's v6 or v7 compatible with policy fix)
	# - git for pip requirements from git
	# - fonts-dejavu-core, fonts-liberation for general font availability
	# - libgl1-mesa-glx, libglib2.0-0 often needed for CV/GUI libraries, though maybe not strictly for this app yet
	RUN apt-get update && apt-get install -y --no-install-recommends \
	ffmpeg \
	imagemagick \
	git \
	fonts-dejavu-core \
	fonts-liberation \
	libgl1-mesa-glx \
	libglib2.0-0 \
	&& rm -rf /var/lib/apt/lists/*

	# Modify ImageMagick policy.xml to allow operations needed by MoviePy
	# This is critical for TextClip and other ImageMagick-dependent features in MoviePy
	RUN if [ -f /etc/ImageMagick-6/policy.xml ]; then \
	XML_FILE="/etc/ImageMagick-6/policy.xml"; \
	logger -s "INFO: Modifying ImageMagick policy at $XML_FILE (v6) for MoviePy compatibility." ; \
	elif [ -f /etc/ImageMagick-7/policy.xml ]; then \
	XML_FILE="/etc/ImageMagick-7/policy.xml"; \
	logger -s "INFO: Modifying ImageMagick policy at $XML_FILE (v7) for MoviePy compatibility." ; \
	else \
	XML_FILE=""; \
	logger -s "WARNING: ImageMagick policy.xml not found in /etc/ImageMagick-[67]/. MoviePy TextClip might fail." ; \
	fi && \
	if [ -n "$XML_FILE" ] && [ -f "$XML_FILE" ]; then \
	sed -i 's/<policy domain="path" rights="none" pattern="@\"\/>/<!-- <policy domain="path" rights="none" pattern="@\" \/> -->/' "$XML_FILE" && \
	sed -i 's/<policy domain="coder" rights="none" pattern="TEXT"\/>/<!-- <policy domain="coder" rights="none" pattern="TEXT" \/> -->/' "$XML_FILE" && \
	sed -i 's/<policy domain="coder" rights="none" pattern="LABEL"\/>/<!-- <policy domain="coder" rights="none" pattern="LABEL" \/> -->/' "$XML_FILE" && \
	sed -i 's/<policy domain="coder" rights="none" pattern="MVG"\/>/<!-- <policy domain="coder" rights="none" pattern="MVG" \/> -->/' "$XML_FILE" && \
	sed -i 's/<policy domain="coder" rights="none" pattern="MSL"\/>/<!-- <policy domain="coder" rights="none" pattern="MSL" \/> -->/' "$XML_FILE" && \
	sed -i 's/<policy domain="coder" rights="none" pattern="HTTPS"\/>/<!-- <policy domain="coder" rights="none" pattern="HTTPS" \/> -->/' "$XML_FILE" && \
	sed -i 's/<policy domain="coder" rights="none" pattern="HTTP"\/>/<!-- <policy domain="coder" rights="none" pattern="HTTP" \/> -->/' "$XML_FILE" && \
	logger -s "INFO: ImageMagick policy modifications applied to $XML_FILE." ; \
	fi

	# Create a non-root user and group
	RUN groupadd -r appgroup && useradd --no-log-init -r -g appgroup -u 1000 appuser
	RUN mkdir -p /home/appuser/.cache && chown -R appuser:appgroup /home/appuser

	# Set Streamlit home directory to be writable by appuser
	ENV STREAMLIT_HOME=/home/appuser/.streamlit
	RUN mkdir -p $STREAMLIT_HOME && chown -R appuser:appgroup $STREAMLIT_HOME

	# Copy the requirements file first to leverage Docker cache
	COPY --chown=appuser:appgroup requirements.txt .

	# Install Python dependencies as the non-root user
	USER appuser
	RUN pip install --no-cache-dir --upgrade pip && \
	pip install --no-cache-dir -r requirements.txt

	# Copy the rest of the application code into the container
	USER root # Switch back to root to copy to /app, then chown
	COPY --chown=appuser:appgroup . .
	USER appuser # Switch back to appuser

	# Create the output directory for media and ensure it's writable by appuser
	# This should already be under /app which is owned by appuser now.
	RUN mkdir -p /app/temp_cinegen_media
	# The assets directory also needs to be accessible
	RUN mkdir -p /app/assets/fonts

	# Expose the port Streamlit runs on
	EXPOSE 8501

	# Define the command to run the application
	# Use 0.0.0.0 to make the app accessible from outside the container
	CMD ["streamlit", "run", "app.py", "--server.port=8501", "--server.address=0.0.0.0", "--global.sharingMode=off", "--client.gatherUsageStats=false"]