2026-05-17 19:06:47 +02:00
1 changed files with 8 additions and 0 deletions
--- a/ocr-service/Dockerfile
+++ b/ocr-service/Dockerfile
@@ -23,8 +23,16 @@ RUN pip install --no-cache-dir -r requirements.txt

 COPY . .

+RUN useradd --no-create-home --shell /usr/sbin/nologin --uid 1000 ocr \
+    && mkdir -p /home/ocr /app/models /app/cache \
+    && chown -R ocr:ocr /app /home/ocr
 RUN chmod +x /app/entrypoint.sh

+ENV HOME=/home/ocr
+ENV HF_HOME=/app/cache
+
+USER ocr
+
 EXPOSE 8000

 CMD ["/app/entrypoint.sh"]