39 lines
1011 B
Docker
39 lines
1011 B
Docker
|
# 使用官方 Python 3.11 精简版镜像
|
|||
|
|
FROM python:3.11-slim
|
|||
|
|
|
|||
|
|
# 设置工作目录
|
|||
|
|
WORKDIR /app
|
|||
|
|
|
|||
|
|
# Python 环境优化变量
|
|||
|
|
ENV PYTHONDONTWRITEBYTECODE=1 \
|
|||
|
|
PYTHONUNBUFFERED=1 \
|
|||
|
|
FLASK_ENV=production \
|
|||
|
|
PIP_NO_CACHE_DIR=1
|
|||
|
|
|
|||
|
|
# 安装系统依赖(MySQL 客户端和编译工具)
|
|||
|
|
RUN apt-get update && apt-get install -y --no-install-recommends \
|
|||
|
|
gcc \
|
|||
|
|
pkg-config \
|
|||
|
|
default-libmysqlclient-dev \
|
|||
|
|
&& rm -rf /var/lib/apt/lists/*
|
|||
|
|
|
|||
|
|
# 先复制依赖文件,最大化利用 Docker 缓存
|
|||
|
|
COPY requirements.txt .
|
|||
|
|
|
|||
|
|
# 升级 pip 并安装所有依赖
|
|||
|
|
RUN pip install --upgrade pip && \
|
|||
|
|
pip install -r requirements.txt && \
|
|||
|
|
pip install gunicorn gevent
|
|||
|
|
|
|||
|
|
# 复制整个项目代码
|
|||
|
|
COPY . .
|
|||
|
|
|
|||
|
|
# 创建非 root 用户运行应用(安全最佳实践)
|
|||
|
|
RUN useradd -m appuser
|
|||
|
|
USER appuser
|
|||
|
|
|
|||
|
|
# 暴露应用端口
|
|||
|
|
EXPOSE 8000
|
|||
|
|
|
|||
|
|
# 启动命令(注意:app:app 要和你的入口文件对应)
|
|||
|
|
CMD ["gunicorn", "-c", "gunicorn_config.py", "app:app"]
|