fc8b4b164b
Prevents PyTorch/Matplotlib/Ketos from writing to /home/ocr which is on the read-only container filesystem — fixes Nora's blocker. Also restores the explanatory comment on the ocr_cache volume mount. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
41 lines
1.1 KiB
Docker
41 lines
1.1 KiB
Docker
FROM python:3.11.9-slim
|
|
|
|
WORKDIR /app
|
|
|
|
# curl for healthcheck; libgomp1 for PyTorch CPU threading; libvips for kraken PDF support
|
|
# libglib2.0-0 is required by opencv-python-headless on Debian slim
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|
curl \
|
|
libgomp1 \
|
|
libvips42 \
|
|
libglib2.0-0 \
|
|
&& rm -rf /var/lib/apt/lists/*
|
|
|
|
# PyTorch CPU-only — separate layer; the whl/cpu index strips all CUDA variants (~2 GB saved)
|
|
# torchvision must also come from the CPU index to match torch's operator registrations
|
|
RUN pip install --no-cache-dir \
|
|
torch==2.7.1 \
|
|
torchvision==0.22.1 \
|
|
--index-url https://download.pytorch.org/whl/cpu
|
|
|
|
COPY requirements.txt .
|
|
RUN pip install --no-cache-dir -r requirements.txt
|
|
|
|
COPY . .
|
|
|
|
RUN useradd --no-create-home --shell /usr/sbin/nologin --uid 1000 ocr \
|
|
&& mkdir -p /home/ocr /app/models /app/cache \
|
|
&& chown -R ocr:ocr /app /home/ocr
|
|
RUN chmod +x /app/entrypoint.sh
|
|
|
|
ENV HOME=/home/ocr
|
|
ENV HF_HOME=/app/cache
|
|
ENV XDG_CACHE_HOME=/app/cache
|
|
ENV TORCH_HOME=/app/models/torch
|
|
|
|
USER ocr
|
|
|
|
EXPOSE 8000
|
|
|
|
CMD ["/app/entrypoint.sh"]
|