FROM python:3.9-slim

WORKDIR /code

# Install system dependencies
RUN apt-get update && apt-get install -y \
    build-essential \
    curl \
    git \
    python3-dev \
    && rm -rf /var/lib/apt/lists/*

# Create a non-root user
RUN useradd -m -u 1000 user && \
    chown -R user /code

# Copy requirements first to leverage Docker cache
COPY requirements.txt .

# Install Python dependencies
RUN pip install --no-cache-dir -r requirements.txt

# Copy application code
COPY ./app /code/app
COPY ./data /code/data
COPY ./config /code/config

# Create data directory with proper permissions
RUN mkdir -p /code/data && \
    chown -R user:user /code/data

# Switch to non-root user
USER user

# Make port 7860 available
EXPOSE 7860

# Set environment variables
ENV PYTHONPATH=/code
ENV PORT=7860

# Start command
CMD ["streamlit", "run", "/code/app/home.py", "--server.address=0.0.0.0", "--server.port=7860"]