51 lines
1.2 KiB
Docker
51 lines
1.2 KiB
Docker
# Production Dockerfile for Sunday Comics
|
|
|
|
FROM python:3.11-slim
|
|
|
|
# Set working directory
|
|
WORKDIR /app
|
|
|
|
# Install system dependencies
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
gcc \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
# Create non-root user
|
|
RUN useradd -m -u 1000 appuser && chown -R appuser:appuser /app
|
|
|
|
# Copy requirements first for better caching
|
|
COPY --chown=appuser:appuser requirements.txt .
|
|
|
|
# Install Python dependencies
|
|
RUN pip install --no-cache-dir -r requirements.txt gunicorn
|
|
|
|
# Copy application code
|
|
COPY --chown=appuser:appuser . .
|
|
|
|
# Switch to non-root user
|
|
USER appuser
|
|
|
|
# Generate cache, RSS feed, and sitemap during build
|
|
RUN python scripts/publish_comic.py
|
|
|
|
# Expose port
|
|
EXPOSE 3000
|
|
|
|
# Environment variables
|
|
ENV PYTHONUNBUFFERED=1 \
|
|
PORT=3000
|
|
|
|
# Health check
|
|
HEALTHCHECK --interval=30s --timeout=3s --start-period=5s --retries=3 \
|
|
CMD python -c "import urllib.request; urllib.request.urlopen('http://localhost:3000').read()"
|
|
|
|
# Run with Gunicorn
|
|
CMD gunicorn app:app \
|
|
--bind 0.0.0.0:${PORT} \
|
|
--workers 4 \
|
|
--threads 2 \
|
|
--worker-class gthread \
|
|
--access-logfile - \
|
|
--error-logfile - \
|
|
--log-level info
|