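# ============================================
# Base stage for shared configuration
# ============================================
FROM python:3.10-slim-bookworm AS base

# Run every RUN step under bash with pipefail so that a failed download in a
# pipeline (e.g. `curl ... | gpg --dearmor`) aborts the build instead of
# silently producing an empty or truncated keyring.
SHELL ["/bin/bash", "-o", "pipefail", "-c"]

# Changing CACHEBUST (--build-arg CACHEBUST=<n>) invalidates the cache of the
# RUN steps below and forces the package installs to be repeated.
ARG CACHEBUST=1
# Build-time only: kept as ARG so it does not leak into the runtime environment.
ARG DEBIAN_FRONTEND=noninteractive

# Install Node.js 20.x from the NodeSource repository.
# The repository is trusted only through the dedicated keyring (signed-by),
# not through the global apt trust store.
# NOTE(review): `npm@latest` and `yarn` are unpinned, so every rebuild may pull
# a different release; pin both to versions you have vetted.
RUN mkdir -p /etc/apt/keyrings \
    && apt-get update \
    && apt-get install -y --no-install-recommends \
        ca-certificates \
        curl \
        gnupg \
    && curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key \
        | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg \
    && echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_20.x nodistro main" \
        > /etc/apt/sources.list.d/nodesource.list \
    && apt-get update \
    && apt-get install -y --no-install-recommends \
        build-essential \
        nodejs \
        python3-dev \
    && npm install -g npm@latest \
    && npm install -g yarn \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

# Install system dependencies (compilers and headers for native Python
# extensions, plus the PostgreSQL and Redis command-line clients).
RUN apt-get update \
    && apt-get install -y --no-install-recommends \
        build-essential \
        g++ \
        gcc \
        libc6-dev \
        libffi-dev \
        libgmp-dev \
        libmpc-dev \
        libmpfr-dev \
        libssl-dev \
        make \
        pkg-config \
        postgresql-client \
        redis-tools \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*

# Install Python packages in smaller groups to better handle dependencies.
# NOTE(review): most of these packages are unpinned and installed without hash
# checking, so the image content depends on what the index serves at build
# time. Prefer a locked requirements file (ideally with --require-hashes).
RUN pip install --no-cache-dir \
        gunicorn \
        gevent \
        grpcio \
        pydantic-settings \
        protobuf \
        grpcio-tools

RUN pip install --no-cache-dir \
        flask \
        flask-cors \
        Flask-SQLAlchemy==3.1.1 \
        Flask-Migrate==4.0.7 \
        flask-login \
        flask-restful \
        flask-limiter \
        flask-caching \
        flask-jwt-extended \
        flask-socketio

RUN pip install --no-cache-dir \
        PyYAML \
        celery \
        redis \
        psycopg2-binary \
        sqlalchemy \
        alembic \
        pyjwt \
        requests

# Install ML and AI packages separately.
# Extras are quoted so the shell can never treat the brackets as a glob.
RUN pip install --no-cache-dir \
        numpy \
        pandas \
        python-dotenv \
        pycryptodome \
        cryptography \
        bcrypt \
        "python-jose[cryptography]" \
        passlib \
        python-multipart \
        gmpy2

RUN pip install --no-cache-dir \
        transformers \
        torch \
        tensorflow \
        sentencepiece \
        tokenizers \
        nltk

# Install remaining packages
RUN pip install --no-cache-dir \
        openai==1.14.0 \
        anthropic==0.23.1 \
        Pillow \
        opencv-python-headless \
        scikit-learn \
        scipy \
        google-cloud-aiplatform \
        google-generativeai \
        vertexai \
        google-cloud-core \
        google-api-core \
        yarl \
        aiohttp \
        "tritonclient[all]" \
        cohere==4.43 \
        replicate \
        aleph-alpha-client \
        stability-sdk \
        huggingface_hub \
        langchain \
        langchain-community \
        langchain-core \
        langchain-openai

# Install NLTK data
RUN python -c "import nltk; nltk.download('punkt'); nltk.download('averaged_perceptron_tagger')"

# Verify installations
RUN node --version && npm --version && yarn --version

# ============================================
# Web builder stage - optimized
# ============================================
FROM base AS web-builder

WORKDIR /app

# Copy web directory first
COPY web/ web/

WORKDIR /app/web

# Install dependencies and build.
# NOTE(review): `yarn add --dev ...` runs after the frozen-lockfile install and
# resolves these four packages outside the lockfile; adding them to
# web/package.json and yarn.lock would keep the build reproducible.
RUN yarn install --frozen-lockfile \
    && yarn add --dev autoprefixer postcss tailwindcss code-inspector-plugin \
    && NEXT_TELEMETRY_DISABLED=1 yarn build \
    && mkdir -p .next/standalone \
    && cp -r .next/static .next/standalone/.next/ \
    && cp -r public .next/standalone/ \
    && yarn cache clean

# ============================================
# Python builder stage - optimized
# ============================================
FROM base AS python-builder

WORKDIR /app

# Copy api directory
COPY api/ api/

WORKDIR /app/api

# Install core dependencies first.
# virtualenvs.create=false makes Poetry install into the system
# site-packages, which the final stage copies out of this stage.
RUN pip install --no-cache-dir poetry==1.8.3 \
    && poetry config virtualenvs.create false \
    && poetry install --no-dev --no-interaction --no-ansi

# ============================================
# Final stage - minimal runtime
# ============================================
# NOTE(review): this stage inherits compilers, headers, curl and gnupg from
# `base`. A slimmer runtime base would reduce the attack surface, but needs a
# check of which shared libraries the application loads at runtime.
FROM base

# Create non-root user and storage directory.
# (No `apt-get update` here: nothing is installed in this step, so it would
# only leave package index files behind in the layer.)
RUN useradd -m -u 1000 user \
    && mkdir -p /storage/files /storage/cache /storage/logs \
    && chown -R user:user /storage \
    && mkdir -p /app/api \
    && chown -R user:user /app

# The apt and pip packages needed at runtime are already present because this
# stage is built FROM base, so they are not installed a second time. The
# previous duplicate install also requested both flask-migrate==4.0.5 and
# Flask-Migrate==4.0.7 in a single pip command, which cannot be resolved.

# Set up directory structure
WORKDIR /app
RUN mkdir -p api web && chown -R user:user /app

# Copy Python environment and files.
# NOTE(review): --chown=user makes site-packages and the application code
# writable by the runtime account; leave them root-owned unless the app needs
# to write there.
COPY --from=python-builder --chown=user /usr/local/lib/python3.10/site-packages /usr/local/lib/python3.10/site-packages
COPY --chown=user api/ /app/api/

# Copy Next.js files with explicit directory creation
RUN mkdir -p /app/web/.next/standalone /app/web/.next/static
COPY --from=web-builder --chown=user /app/web/.next/standalone /app/web/.next/standalone
COPY --from=web-builder --chown=user /app/web/.next/static /app/web/.next/static
COPY --from=web-builder --chown=user /app/web/public /app/web/public

# Set environment variables for HF Spaces compatibility
ENV FLASK_APP=app.py \
    EDITION=SELF_HOSTED \
    DEPLOY_ENV=PRODUCTION \
    PYTHONPATH=/app/api \
    PATH="/usr/local/bin:${PATH}" \
    STORAGE_DIR=/storage

# Database configuration - match docker-compose.yaml
# DB_PASSWORD is deliberately NOT set here. ENV values are stored in the image
# config and can be read by anyone who can pull or inspect the image. Supply
# it at runtime (docker run -e / --env-file, the compose `environment:` block,
# or the hosting platform's secret store). A password that was baked into
# earlier builds of this image should be treated as exposed and rotated.
ENV DB_USERNAME=postgres \
    DB_HOST=db \
    DB_PORT=5432 \
    DB_DATABASE=dify \
    SQLALCHEMY_POOL_SIZE=30 \
    SQLALCHEMY_POOL_RECYCLE=3600

# Redis configuration - match docker-compose.yaml
# REDIS_PASSWORD is likewise supplied at runtime, never baked into the image.
ENV REDIS_HOST=redis \
    REDIS_PORT=6379 \
    REDIS_DB=0

# Copy entrypoint script
COPY docker/entrypoint.sh /app/entrypoint.sh
RUN chmod +x /app/entrypoint.sh

# Switch to non-root user (all steps that need root are above this line)
USER user

# HF Spaces uses port 7860
EXPOSE 7860 3000

# Set up storage volumes (declared after the directories were created and
# chowned, so the ownership is carried into the volumes)
VOLUME ["/storage/files", "/storage/cache", "/storage/logs"]

WORKDIR /app

CMD ["./entrypoint.sh"]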