FROM python:3.9-slim

# System dependencies
RUN apt-get update && apt-get install -y --no-install-recommends \
    build-essential gcc libffi-dev libpq-dev curl && \
    apt-get clean && rm -rf /var/lib/apt/lists/*

# Set workdir
WORKDIR /app

# Copy requirements and install
COPY requirements.txt .
RUN pip install --no-cache-dir --upgrade pip && \
    pip install --no-cache-dir -r requirements.txt

# Copy app code
COPY . .

# Create logs.json with correct permissions
RUN touch logs.json && \
    chown 1000:1000 logs.json && \
    chmod 664 logs.json

# Create and switch to non-root user
RUN useradd -m -u 1000 user
USER user

# Set environment
ENV PATH="/home/user/.local/bin:$PATH"

# Expose port
EXPOSE 7860

# Start app with uvicorn
CMD ["uvicorn", "app:app", "--host", "0.0.0.0", "--port", "7860", "--workers", "2"]