Home Explore Help
Sign In
yunoadmin
/
bambuddy
mirror of https://github.com/maziggy/bambuddy
1
0
Fork 0
Files Issues 0 Wiki
Tree: 7ea78a2969
Branches Tags
bambuddy
/
Dockerfile

Dockerfile 2.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172 
  1. # Build frontend
    2. 

  2. FROM node:22-bookworm-slim AS frontend-builder
    3. 

  3. 

  4. WORKDIR /app/frontend
    5. 

  5. 

  6. # Copy package files first for better caching
    7. 

  7. COPY frontend/package*.json ./
    8. 

  8. 

  9. # Use cache mount for npm
    10. 

  10. RUN --mount=type=cache,target=/root/.npm \
    11. 

  11.     npm ci
    12. 

  12. 

  13. COPY frontend/ ./
    14. 

  14. RUN npm run build
    15. 

  15. 

  16. # Production image
    17. 

  17. FROM python:3.13-slim
    18. 

  18. 

  19. WORKDIR /app
    20. 

  20. 

  21. # Install system dependencies
    22. 

  22. ENV DEBIAN_FRONTEND=noninteractive
    23. 

  23. RUN apt-get update && apt-get install -y --no-install-recommends \
    24. 

  24.     curl \
    25. 

  25.     ffmpeg \
    26. 

  26.     iproute2 \
    27. 

  27.     libcap2-bin \
    28. 

  28.     && rm -rf /var/lib/apt/lists/* \
    29. 

  29.     && mkdir -p /etc/gnutls \
    30. 

  30.     && printf '[overrides]\ninsecure-hash = SHA1\n[priorities]\nSYSTEM = NORMAL:%%UNSAFE_RENEGOTIATION:%%COMPAT\n' > /etc/gnutls/config
    31. 

  31. 

  32. # Allow binding to privileged ports (e.g. 990/FTPS) as non-root user.
    33. 

  33. # File capabilities are more reliable than Docker cap_add with user: directive,
    34. 

  34. # which depends on ambient capability support in the container runtime.
    35. 

  35. RUN setcap cap_net_bind_service=+ep "$(readlink -f /usr/local/bin/python3)"
    36. 

  36. 

  37. # Install Python dependencies with cache mount
    38. 

  38. COPY requirements.txt ./
    39. 

  39. RUN --mount=type=cache,target=/root/.cache/pip \
    40. 

  40.     pip install --root-user-action=ignore -r requirements.txt
    41. 

  41. 

  42. # Copy backend
    43. 

  43. COPY backend/ ./backend/
    44. 

  44. 

  45. # Copy built frontend from builder stage
    46. 

  46. COPY --from=frontend-builder /app/static ./static
    47. 

  47. 

  48. # Create data directory for persistent storage
    49. 

  49. # chmod 777 allows running as non-root user (e.g., with docker compose user: directive)
    50. 

  50. RUN mkdir -p /app/data /app/logs && chmod 777 /app/data /app/logs
    51. 

  51. 

  52. # Environment variables
    53. 

  53. ENV PYTHONUNBUFFERED=1
    54. 

  54. ENV DATA_DIR=/app/data
    55. 

  55. ENV LOG_DIR=/app/logs
    56. 

  56. ENV PORT=8000
    57. 

  57. 

  58. EXPOSE 3000
    59. 

  59. EXPOSE 3002
    60. 

  60. EXPOSE 8000
    61. 

  61. EXPOSE 8883
    62. 

  62. EXPOSE 9990
    63. 

  63. EXPOSE 50000-50100
    64. 

  64. 

  65. # Health check (uses PORT env var via shell)
    66. 

  66. HEALTHCHECK --interval=30s --timeout=10s --start-period=10s --retries=3 \
    67. 

  67.     CMD python -c "import urllib.request, os; urllib.request.urlopen(f'http://localhost:{os.environ.get(\"PORT\", \"8000\")}/health')" || exit 1
    68. 

  68. 

  69. # Run the application
    70. 

  70. # Use standard asyncio loop (uvloop has permission issues in some Docker environments)
    71. 

  71. # Port is configurable via PORT environment variable (default: 8000)
    72. 

  72. CMD ["sh", "-c", "uvicorn backend.app.main:app --host 0.0.0.0 --port ${PORT:-8000} --loop asyncio"]
    73.