# Use the official lightweight Python image.
FROM python:3.11

# Allow statements and log messages to immediately appear in the logs
ENV PYTHONUNBUFFERED True

# Copy local code to the container image.
ENV APP_HOME /app
WORKDIR $APP_HOME
COPY . ./

# Install production dependencies.
RUN pip install --no-cache-dir -r requirements.txt

# Create a non-root user and switch to it
RUN useradd -m -u 1000 user
USER user
ENV HOME=/home/user \
	PATH=/home/user/.local/bin:$PATH

# Set work directory
WORKDIR $APP_HOME

# Change ownership of app files to the new user
COPY --chown=user . $HOME/app

# Run the web service on container startup.
CMD exec gunicorn --bind 0.0.0.0:7860 --workers $(nproc) --threads 8 --timeout 120 main:app