64 lines
2.1 KiB
Docker
64 lines
2.1 KiB
Docker
# Backend image for FastAPI + LiveKit Agent runtime
|
|
# Supports dev (uvicorn reload) and production (gunicorn) via APP_ENV.
|
|
|
|
# Builder: install deps with uv into an isolated venv
|
|
FROM python:3.12-slim AS builder
|
|
|
|
ENV PYTHONDONTWRITEBYTECODE=1 \
|
|
PYTHONUNBUFFERED=1 \
|
|
UV_PROJECT_ENV=/opt/venv
|
|
|
|
# System packages needed for common Python builds + uv installer
|
|
RUN apt-get update && \
|
|
apt-get install -y --no-install-recommends build-essential curl && \
|
|
rm -rf /var/lib/apt/lists/*
|
|
|
|
# Install uv (fast Python package manager) as the dependency tool
|
|
RUN curl -LsSf https://astral.sh/uv/install.sh | sh
|
|
ENV PATH="/root/.local/bin:${PATH}"
|
|
|
|
# Create virtualenv and prepare workspace
|
|
RUN python -m venv ${UV_PROJECT_ENV}
|
|
ENV PATH="${UV_PROJECT_ENV}/bin:${PATH}"
|
|
WORKDIR /app
|
|
|
|
# Copy the full source; dependency install is guarded to avoid failures while the app is scaffolded
|
|
COPY . /app
|
|
RUN if [ -f uv.lock ] && [ -f pyproject.toml ]; then \
|
|
uv sync --frozen --no-dev; \
|
|
elif ls requirements*.txt >/dev/null 2>&1; then \
|
|
for req in requirements*.txt; do \
|
|
uv pip install --no-cache -r "$req"; \
|
|
done; \
|
|
elif [ -f pyproject.toml ]; then \
|
|
uv pip install --no-cache .; \
|
|
else \
|
|
echo "No dependency manifest found; skipping install"; \
|
|
fi && \
|
|
if [ -f pyproject.toml ]; then \
|
|
uv pip install --no-cache -e .; \
|
|
fi
|
|
|
|
# Runtime: slim image with non-root user and prebuilt venv
|
|
FROM python:3.12-slim AS runtime
|
|
|
|
ENV PYTHONDONTWRITEBYTECODE=1 \
|
|
PYTHONUNBUFFERED=1 \
|
|
PATH="/opt/venv/bin:${PATH}"
|
|
|
|
# Create unprivileged user
|
|
RUN addgroup --system app && adduser --system --ingroup app app
|
|
|
|
WORKDIR /app
|
|
|
|
# Copy runtime artifacts from builder
|
|
COPY --from=builder /opt/venv /opt/venv
|
|
COPY --from=builder /app /app
|
|
RUN chown -R app:app /app /opt/venv
|
|
|
|
USER app
|
|
EXPOSE 8000
|
|
|
|
# Default command switches between uvicorn (dev) and gunicorn (prod) based on APP_ENV
|
|
CMD ["sh", "-c", "if [ \"$APP_ENV\" = \"production\" ]; then exec gunicorn app.main:app -k uvicorn.workers.UvicornWorker --bind 0.0.0.0:8000 --workers 4 --timeout 120; else exec uvicorn app.main:app --host 0.0.0.0 --port 8000 --reload; fi"]
|