forked from thesuperdabc/LichessBot_NS
-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathDockerfile
More file actions
56 lines (42 loc) · 1.53 KB
/
Dockerfile
File metadata and controls
56 lines (42 loc) · 1.53 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
# Multi-stage build for optimal size and security
FROM python:3.11-slim as builder
# Install build dependencies
RUN apt-get update && apt-get install -y \
wget \
unzip \
gcc \
&& rm -rf /var/lib/apt/lists/*
# Download and setup Stockfish
RUN wget -q https://github.com/official-stockfish/Stockfish/releases/download/sf_16/stockfish-ubuntu-x86-64-avx2.tar \
&& tar -xf stockfish-ubuntu-x86-64-avx2.tar \
&& mkdir -p /engines \
&& cp stockfish/stockfish-ubuntu-x86-64-avx2 /engines/stockfish \
&& chmod +x /engines/stockfish
# Production stage
FROM python:3.11-slim
# Install runtime dependencies
RUN apt-get update && apt-get install -y \
&& rm -rf /var/lib/apt/lists/*
# Create non-root user
RUN useradd --create-home --shell /bin/bash lichess
# Set working directory
WORKDIR /app
# Copy engine from builder stage
COPY --from=builder /engines /app/engines
# Copy requirements and install Python dependencies
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt
# Copy application code
COPY . .
# Create necessary directories
RUN mkdir -p books logs \
&& touch books/bullet.bin books/blitz.bin books/rapid.bin books/classical.bin
# Change ownership to non-root user
RUN chown -R lichess:lichess /app
# Switch to non-root user
USER lichess
# Health check
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD python -c "import requests; requests.get('https://lichess.org/api/account', timeout=5)" || exit 1
# Default command
CMD ["python", "user_interface.py", "-u"]