| FROM python:3.9-slim | |
| WORKDIR /app | |
| # Install system dependencies | |
| RUN apt-get update && apt-get install -y \ | |
| libgl1-mesa-glx \ | |
| libglib2.0-0 \ | |
| && rm -rf /var/lib/apt/lists/* | |
| # Copy the requirements file and install Python packages | |
| COPY requirements.txt ./ | |
| RUN pip3 install --no-cache-dir -r requirements.txt | |
| # Copy ALL your application files from the root into the container's /app directory | |
| COPY . . | |
| # --- User and Permission Setup --- | |
| # Create a group and user | |
| RUN groupadd --system appuser && useradd --system --gid appuser appuser | |
| # Change ownership of the entire app directory to the user | |
| RUN chown -R appuser:appuser /app | |
| # Set the HOME environment variable for the user | |
| ENV HOME=/app | |
| # Tell Ultralytics to use the /tmp directory for its config | |
| ENV YOLO_CONFIG_DIR=/tmp | |
| # Switch to the non-root user | |
| USER appuser | |
| # --- End of User Setup --- | |
| EXPOSE 8501 | |
| HEALTHCHECK CMD curl --fail http://localhost:8501/_stcore/health || exit 1 | |
| # --- FINAL UPDATED ENTRYPOINT --- | |
| # Added `--server.headless=true` to make Streamlit compatible with the Hugging Face proxy. | |
| # This fixes the 403 Forbidden error on file uploads. | |
| ENTRYPOINT ["streamlit", "run", "streamlit_app.py", "--server.port=8501", "--server.address=0.0.0.0", "--browser.gatherUsageStats=false", "--server.headless=true"] |