FROM python:3.11.6-slim-bookworm as base # Install poetry and git RUN apt-get update && apt-get install -y git RUN pip install pipx RUN python3 -m pipx ensurepath RUN pipx install poetry ENV PATH="/root/.local/bin:$PATH" # Dependencies to build llama-cpp RUN apt update && apt install -y \ libopenblas-dev\ ninja-build\ build-essential\ pkg-config\ wget # https://python-poetry.org/docs/configuration/#virtualenvsin-project ENV POETRY_VIRTUALENVS_IN_PROJECT=true FROM base as dependencies WORKDIR /home/worker/app COPY pyproject.toml poetry.lock ./ # Explicitly copy the project files before running poetry install COPY pyproject.toml poetry.lock ./ RUN poetry config installer.max-workers 10 RUN poetry lock --no-update RUN poetry install --with local --extras chroma RUN pip install fastapi uvicorn FROM base as app ENV PYTHONUNBUFFERED=1 ENV PORT=7860 EXPOSE 7860 # Create the worker user with the appropriate UID and GID RUN useradd -m -u 1000 -U worker # Ensure the worker user has the necessary permissions RUN mkdir -p local_data/private_gpt/chromadb && chown -R worker:worker local_data/private_gpt RUN mkdir -p /models && chown worker:worker /models # Copy only the necessary files for the app COPY --chown=worker --from=dependencies /home/worker/app/.venv/ .venv COPY --chown=worker private_gpt/ private_gpt COPY --chown=worker docs/ docs COPY --chown=worker *.yaml *.md ./ USER worker # Get secret EXAMPLE and output it to /home/worker/test at buildtime RUN --mount=type=secret,id=OPENAI_API_KEY,mode=0444,required=true \ cat /run/secrets/OPENAI_API_KEY > /home/worker/test RUN --mount=type=secret,id=PASSWORD,mode=0444,required=true \ cat /run/secrets/PASSWORD > /home/worker/test RUN --mount=type=secret,id=USER_HASH,mode=0444,required=true \ cat /run/secrets/USER_HASH > /home/worker/test RUN --mount=type=secret,id=ADMIN_HASH,mode=0444,required=true \ cat /run/secrets/ADMIN_HASH > /home/worker/test # Activate the virtual environment and run uvicorn CMD [".venv/bin/python", "-m", "uvicorn", "private_gpt.main:app", "--host", "0.0.0.0", "--port", "7860"]