FROM python:3.12-slim

ENV PYTHONDONTWRITEBYTECODE=1 \
    PYTHONUNBUFFERED=1

WORKDIR /app

RUN apt-get update \
    && apt-get install -y --no-install-recommends curl \
    && rm -rf /var/lib/apt/lists/*

COPY requirements.txt ./
RUN pip install --no-cache-dir -r requirements.txt

COPY . .

RUN useradd --create-home --shell /usr/sbin/nologin appuser \
    && mkdir -p /data /app/static/uploads \
    && chown -R appuser:appuser /data /app/static/uploads

ENV DATABASE_URL=sqlite:////data/market.db \
    PORT=5000

USER appuser

EXPOSE 5000

CMD ["python", "app.py", "--production"]
