chore: update Dockerfile

2025-11-11 11:06:40 +01:00
parent a3360f3a1b
commit 4c90716355
4 changed files with 779 additions and 653 deletions
@@ -10,28 +10,38 @@ COPY requirements.txt ./

 # Install dependencies to a target directory
 RUN --mount=type=cache,target=/root/.cache/pip \
-    pip install --no-cache-dir --no-deps --disable-pip-version-check --target=/app/site-packages -r requirements.txt
+    pip install --no-deps --disable-pip-version-check -r requirements.txt

-# Use Alpine as the base image for a much smaller footprint
-FROM python:3.13-slim
+# Runtime stage
+FROM python:3.13-slim AS runtime

-# Copy installed packages from builder stage
-COPY --from=builder /app/site-packages /app/site-packages
-
-# Copy application code
-COPY index.html favicon.ico /app/
-COPY myice /app/myice
-
-# Set PYTHONPATH so Python can find our installed packages
-ENV PYTHONPATH=/app/site-packages
-
-# Set working directory
+# Create working directory
 WORKDIR /app

+# Install only runtime dependencies
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    ca-certificates \
+    && rm -rf /var/lib/apt/lists/*
+
 # Create a non-root user for security
 RUN useradd --home-dir /app --no-create-home --uid 1000 myice
+
+# Copy installed packages from builder stage
+COPY --from=builder /usr/local/lib/python3.13/site-packages /usr/local/lib/python3.13/site-packages
+
+# Copy application code
+COPY index.html favicon.ico ./
+COPY myice ./myice
+
+# Change ownership of copied files
+RUN chown -R myice:myice /app
+
+# Switch to non-root user
 USER myice

+# Bytecompile Python files for faster first load
+RUN python -m compileall -q ./myice
+
 # Expose port
 EXPOSE 8000