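# deployment/container/Dockerfile-base
# Poetry-based Vector DB API base image - keeps the Poetry virtualenv in the
# service account's home directory instead of the project tree.

# NOTE(review): the tag is mutable; for reproducible builds pin it by digest,
# e.g. python:3.11-slim@sha256:<digest-placeholder>.
FROM python:3.11-slim

# Metadata
LABEL description="Vector DB API Base Image with Poetry - Home Directory"
LABEL version="poetry-home-v1.0"
LABEL maintainer="admin@example.com"

# Environment - Poetry virtualenvs and caches live under /home/appuser.
# POETRY_VIRTUALENVS_IN_PROJECT is the variable Poetry actually maps to
# virtualenvs.in-project; POETRY_VENV_IN_PROJECT is kept only in case
# setup.sh or a child image reads it.
# NOTE(review): DEBIAN_FRONTEND set via ENV persists into the runtime
# environment and every child image; prefer setting it per RUN.
ENV PYTHONDONTWRITEBYTECODE=1 \
    PYTHONUNBUFFERED=1 \
    DEBIAN_FRONTEND=noninteractive \
    PIP_NO_CACHE_DIR=1 \
    PIP_DISABLE_PIP_VERSION_CHECK=1 \
    POETRY_NO_INTERACTION=1 \
    POETRY_VENV_IN_PROJECT=false \
    POETRY_VIRTUALENVS_IN_PROJECT=false \
    POETRY_VIRTUALENVS_CREATE=true \
    POETRY_VIRTUALENVS_PATH=/home/appuser/.cache/pypoetry/venvs \
    POETRY_CACHE_DIR=/home/appuser/.cache/pypoetry/cache \
    HF_HUB_CACHE=/app/.cache/huggingface \
    TRANSFORMERS_CACHE=/app/.cache/transformers \
    SENTENCE_TRANSFORMERS_HOME=/app/.cache/sentence_transformers

# System packages.
# NOTE(review): sudo, the compiler toolchain, git, curl and wget all remain in
# the final image. appuser gets no sudoers entry in this file, so sudo looks
# unused - confirm against setup.sh and drop it; a multi-stage build would keep
# the toolchain out of the runtime image.
RUN apt-get update && apt-get install -y --no-install-recommends \
        bc \
        build-essential \
        ca-certificates \
        curl \
        g++ \
        gcc \
        git \
        lsb-release \
        python3-dev \
        python3.11 \
        python3.11-dev \
        python3.11-distutils \
        python3.11-venv \
        sudo \
        wget \
    && rm -rf /var/lib/apt/lists/* \
    && apt-get clean

# Upgrade pip tooling
RUN python3.11 -m pip install --no-cache-dir --upgrade pip setuptools wheel

# Create the non-root service account (before installing Poetry)
RUN groupadd -r appuser && \
    useradd -r -g appuser -d /home/appuser -s /bin/bash appuser && \
    mkdir -p /home/appuser && \
    chown -R appuser:appuser /home/appuser

# Create the Poetry virtualenv and cache directories under the home directory
RUN mkdir -p /home/appuser/.cache/pypoetry/venvs \
             /home/appuser/.cache/pypoetry/cache && \
    chown -R appuser:appuser /home/appuser/.cache && \
    chmod -R 755 /home/appuser/.cache

# Install Poetry as appuser
USER appuser
ENV PATH="/home/appuser/.local/bin:$PATH"

# Download the installer to a file instead of piping curl into the interpreter:
# under /bin/sh a pipeline reports only the last command's status, so a failed
# or truncated download would go unnoticed. -f makes HTTP errors fail the build.
# NOTE(review): the installer script and the Poetry release are both unpinned.
# Pin the release with POETRY_VERSION=<version-placeholder> and verify the
# downloaded script against a reviewed sha256 before executing it.
RUN curl -fsSL https://install.python-poetry.org -o /tmp/install-poetry.py && \
    python3.11 /tmp/install-poetry.py && \
    rm -f /tmp/install-poetry.py

# Executable bit and system-wide symlink (needs root)
# NOTE(review): /usr/local/bin/poetry resolves to a file owned and writable by
# appuser, so anything that invokes `poetry` as root runs appuser-controlled
# code. PATH above already exposes Poetry to appuser; confirm the symlink is
# required.
USER root
RUN chmod +x /home/appuser/.local/bin/poetry && \
    ln -sf /home/appuser/.local/bin/poetry /usr/local/bin/poetry && \
    chown appuser:appuser /home/appuser/.local/bin/poetry

# Switch back to appuser
USER appuser

# Poetry configuration - keep virtualenvs in the home directory
RUN poetry config virtualenvs.in-project false && \
    poetry config virtualenvs.create true && \
    poetry config virtualenvs.path /home/appuser/.cache/pypoetry/venvs && \
    poetry config cache-dir /home/appuser/.cache/pypoetry/cache

# Print the Poetry version and verify the configuration
RUN poetry --version && \
    poetry config --list && \
    ls -la /home/appuser/.local/bin/poetry && \
    which poetry

# Working directory
WORKDIR /app

# Hand ownership of the working directory to appuser (needs root)
USER root
RUN chown -R appuser:appuser /app

# Copy the project setup script, owned by appuser, and make it executable
COPY --chown=appuser:appuser setup.sh /app/setup.sh
RUN chmod +x /app/setup.sh

# Run the setup script as appuser to build the Poetry environment and install
# dependencies. WORKDIR is already /app, so no `cd` is needed.
USER appuser
RUN DEBIAN_FRONTEND=noninteractive \
    ./setup.sh --skip-poetry-install --skip-python311-check --force-reinstall

# Create runtime directories and set ownership; the last two commands re-apply
# ownership and mode on the Poetry virtualenv/cache tree after setup.sh ran.
USER root
RUN mkdir -p /app/.cache/huggingface \
             /app/.cache/transformers \
             /app/.cache/sentence_transformers \
             /app/vectordb \
             /app/data \
             /app/logs && \
    chmod -R 755 /app/.cache /app/vectordb /app/data /app/logs && \
    chown -R appuser:appuser /app && \
    chown -R appuser:appuser /home/appuser/.cache && \
    chmod -R 755 /home/appuser/.cache

# Clear temporary files
RUN rm -rf /tmp/* /var/tmp/*

# Documented service port
EXPOSE 8000

# Simple health check. It executes as the image's configured user (appuser, set
# below), so Poetry is called directly: wrapping it in `su ... appuser` would
# require a password for a non-root caller and the probe would never pass.
HEALTHCHECK --interval=30s --timeout=10s --start-period=60s --retries=3 \
    CMD poetry --version && poetry config virtualenvs.path || exit 1

# Final runtime user
USER appuser

# Default command
CMD ["poetry", "--version"]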