chore(docker): dockerfiles improvements and fixes (#1792)

* `UID` and `GID` build arguments for `worker` user * `POETRY_EXTRAS` build argument with default values * Copy `Makefile` for `make ingest` command * Do NOT copy markdown files I doubt anyone reads a markdown file within a Docker image * Fix PYTHONPATH value * Set home directory to `/home/worker` when creating user * Combine `ENV` instructions together * Define environment variables with their defaults - For documentation purposes - Reflect defaults set in settings-docker.yml * `PGPT_EMBEDDING_MODE` to define embedding mode * Remove ineffective `python3 -m pipx ensurepath` * Use `&&` instead of `;` to chain commands to detect failure better * Add `--no-root` flag to poetry install commands * Set PGPT_PROFILES to docker * chore: remove envs * chore: update to use ollama in docker-compose * chore: don't copy makefile * chore: don't copy fern * fix: tiktoken cache * fix: docker compose port * fix: ffmpy dependency (#2020) * fix: ffmpy dependency * fix: block ffmpy to commit sha * feat(llm): autopull ollama models (#2019) * chore: update ollama (llm) * feat: allow to autopull ollama models * fix: mypy * chore: install always ollama client * refactor: check connection and pull ollama method to utils * docs: update ollama config with autopulling info ... * chore: autopull ollama models * chore: add GID/UID comment ... --------- Co-authored-by: Javier Martinez <javiermartinezalvarez98@gmail.com>
2024-07-30 17:59:38 +02:00 · 2024-07-30 17:59:38 +02:00 · 65c5a1708b
parent d080969407
commit 65c5a1708b
4 changed files with 48 additions and 24 deletions
--- a/Dockerfile.external
+++ b/Dockerfile.external
@ -2,7 +2,6 @@ FROM python:3.11.6-slim-bookworm as base

 # Install poetry
 RUN pip install pipx
-RUN python3 -m pipx ensurepath
 RUN pipx install poetry
 ENV PATH="/root/.local/bin:$PATH"
 ENV PATH=".venv/bin/:$PATH"
@ -14,27 +13,38 @@ FROM base as dependencies
 WORKDIR /home/worker/app
 COPY pyproject.toml poetry.lock ./

-RUN poetry install --extras "ui vector-stores-qdrant llms-ollama embeddings-ollama"
+ARG POETRY_EXTRAS="ui vector-stores-qdrant llms-ollama embeddings-ollama"
+RUN poetry install --no-root --extras "${POETRY_EXTRAS}"

 FROM base as app
-
 ENV PYTHONUNBUFFERED=1
 ENV PORT=8080
+ENV APP_ENV=prod
+ENV PYTHONPATH="$PYTHONPATH:/home/worker/app/private_gpt/"
 EXPOSE 8080

 # Prepare a non-root user
-RUN adduser --system worker
+# More info about how to configure UIDs and GIDs in Docker:
+# https://github.com/systemd/systemd/blob/main/docs/UIDS-GIDS.md
+
+# Define the User ID (UID) for the non-root user
+# UID 100 is chosen to avoid conflicts with existing system users
+ARG UID=100
+
+# Define the Group ID (GID) for the non-root user
+# GID 65534 is often used for the 'nogroup' or 'nobody' group
+ARG GID=65534
+
+RUN adduser --system --gid ${GID} --uid ${UID} --home /home/worker worker
 WORKDIR /home/worker/app

-RUN mkdir local_data; chown worker local_data
-RUN mkdir models; chown worker models
+RUN chown worker /home/worker/app
+RUN mkdir local_data && chown worker local_data
+RUN mkdir models && chown worker models
 COPY --chown=worker --from=dependencies /home/worker/app/.venv/ .venv
 COPY --chown=worker private_gpt/ private_gpt
-COPY --chown=worker fern/ fern
-COPY --chown=worker *.yaml *.md ./
+COPY --chown=worker *.yaml .
 COPY --chown=worker scripts/ scripts

-ENV PYTHONPATH="$PYTHONPATH:/private_gpt/"
-
 USER worker
-ENTRYPOINT python -m private_gpt
+ENTRYPOINT python -m private_gpt
--- a/Dockerfile.local
+++ b/Dockerfile.local
@ -4,7 +4,6 @@ FROM python:3.11.6-slim-bookworm as base

 # Install poetry
 RUN pip install pipx
-RUN python3 -m pipx ensurepath
 RUN pipx install poetry
 ENV PATH="/root/.local/bin:$PATH"
 ENV PATH=".venv/bin/:$PATH"
@ -24,28 +23,39 @@ FROM base as dependencies
 WORKDIR /home/worker/app
 COPY pyproject.toml poetry.lock ./

-RUN poetry install --extras "ui embeddings-huggingface llms-llama-cpp vector-stores-qdrant"
+ARG POETRY_EXTRAS="ui embeddings-huggingface llms-llama-cpp vector-stores-qdrant"
+RUN poetry install --no-root --extras "${POETRY_EXTRAS}"

 FROM base as app

 ENV PYTHONUNBUFFERED=1
 ENV PORT=8080
+ENV APP_ENV=prod
+ENV PYTHONPATH="$PYTHONPATH:/home/worker/app/private_gpt/"
 EXPOSE 8080

 # Prepare a non-root user
-RUN adduser --group worker
-RUN adduser --system --ingroup worker worker
+# More info about how to configure UIDs and GIDs in Docker:
+# https://github.com/systemd/systemd/blob/main/docs/UIDS-GIDS.md
+
+# Define the User ID (UID) for the non-root user
+# UID 100 is chosen to avoid conflicts with existing system users
+ARG UID=100
+
+# Define the Group ID (GID) for the non-root user
+# GID 65534 is often used for the 'nogroup' or 'nobody' group
+ARG GID=65534
+
+RUN adduser --system --gid ${GID} --uid ${UID} --home /home/worker worker
 WORKDIR /home/worker/app

-RUN mkdir local_data; chown worker local_data
-RUN mkdir models; chown worker models
+RUN chown worker /home/worker/app
+RUN mkdir local_data && chown worker local_data
+RUN mkdir models && chown worker models
 COPY --chown=worker --from=dependencies /home/worker/app/.venv/ .venv
 COPY --chown=worker private_gpt/ private_gpt
-COPY --chown=worker fern/ fern
-COPY --chown=worker *.yaml *.md ./
+COPY --chown=worker *.yaml ./
 COPY --chown=worker scripts/ scripts

-ENV PYTHONPATH="$PYTHONPATH:/private_gpt/"
-
 USER worker
 ENTRYPOINT python -m private_gpt
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@ -5,12 +5,15 @@ services:
    volumes:
      - ./local_data/:/home/worker/app/local_data
    ports:
-      - 8001:8080
+      - 8001:8001
    environment:
-      PORT: 8080
+      PORT: 8001
      PGPT_PROFILES: docker
      PGPT_MODE: ollama
+      PGPT_EMBED_MODE: ollama
  ollama:
    image: ollama/ollama:latest
+    ports:
+      - 11434:11434
    volumes:
      - ./models:/root/.ollama
--- a/settings-docker.yaml
+++ b/settings-docker.yaml
@ -6,7 +6,7 @@ llm:
  mode: ${PGPT_MODE:mock}

 embedding:
-  mode: ${PGPT_MODE:sagemaker}
+  mode: ${PGPT_EMBED_MODE:mock}

 llamacpp:
  llm_hf_repo_id: ${PGPT_HF_REPO_ID:TheBloke/Mistral-7B-Instruct-v0.1-GGUF}
@ -30,6 +30,7 @@ ollama:
  repeat_last_n: ${PGPT_OLLAMA_REPEAT_LAST_N:64}
  repeat_penalty: ${PGPT_OLLAMA_REPEAT_PENALTY:1.2}
  request_timeout: ${PGPT_OLLAMA_REQUEST_TIMEOUT:600.0}
+  autopull_models: ${PGPT_OLLAMA_AUTOPULL_MODELS:true}

 ui:
  enabled: true