From ad8961ab82deaa4280e012f2cecab38971f22e24 Mon Sep 17 00:00:00 2001
From: mpeltriaux <Michel_Peltriaux@web.de>
Date: Mon, 24 Mar 2025 13:52:31 +0100
Subject: [PATCH 1/2] # Docker enhancements

* optimizes nginx.conf
   * better proxy pipelining
* optimizes Dockerfile
   * smaller resulting image
   * faster rebuilding due to reusing of existing layers
* optimizes docker-entrypoint.sh
   * better startup performance
   * better compatibility with docker engine
---
 Dockerfile           | 37 +++++++++++++++++++++++--------------
 docker-entrypoint.sh | 31 +++++++++++++++++++++++++------
 nginx.conf           | 16 ++++++++++------
 3 files changed, 58 insertions(+), 26 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 44816bf3..d01fc72a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,27 +1,36 @@
+# Nutze ein schlankes Python-Image
 FROM python:3.11-slim-bullseye
+
 ENV PYTHONUNBUFFERED 1
 
 WORKDIR /konova
 
-# Install some dependencies
-RUN apt update
-RUN apt install -y gdal-bin redis-server nginx
+# Installiere System-Abhängigkeiten
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    gdal-bin redis-server nginx \
+    && rm -rf /var/lib/apt/lists/*  # Platz sparen
 
-# Copy requirements file into workspace and install all dependencies
+# Erstelle benötigte Verzeichnisse & setze Berechtigungen
+RUN mkdir -p /var/log/nginx /var/log/gunicorn /var/lib/nginx /tmp/nginx_client_body \
+    && touch /var/log/nginx/access.log /var/log/nginx/error.log \
+    && chown -R root:root /var/log/nginx /var/lib/nginx /tmp/nginx_client_body
+
+# Kopiere und installiere Python-Abhängigkeiten
 COPY ./requirements.txt /konova/
-RUN pip install --upgrade pip
-RUN pip install -r requirements.txt
+RUN pip install --upgrade pip && pip install --no-cache-dir -r requirements.txt
 
-# Remove nginx default configuration and replace with own configuration
-RUN rm /etc/nginx/sites-enabled/default
+# Entferne Standard-Nginx-Site und ersetze sie durch eigene Config
+RUN rm -rf /etc/nginx/sites-enabled/default
 COPY ./nginx.conf /etc/nginx/conf.d
 
-# Create log folders
-RUN mkdir /var/log/gunicorn
-
-# Copy rest of project into workspace
+# Kopiere restliche Projektdateien
 COPY . /konova/
 
-# Move static files in designated folder
-RUN python manage.py collectstatic  --noinput
+# Sammle statische Dateien
+RUN python manage.py collectstatic --noinput
 
+# Exponiere Ports
+#EXPOSE 80 6379 8000
+
+# Setze Entrypoint
+ENTRYPOINT ["/konova/docker-entrypoint.sh"]
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 51470f22..f9733abe 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -1,7 +1,26 @@
 #!/bin/bash
-# Start all needed services once the container is fired up!
-service nginx start
-service redis-server start
-celery -A konova worker --detach
-# Rule of thumb: (2*CPU)+1 as worker_num -> Use 5 as default (matches a dual core)
-gunicorn --workers=5 konova.wsgi:application --bind=0.0.0.0:8000 --access-logfile /var/log/gunicorn/access.log --error-logfile /var/log/gunicorn/error.log
\ No newline at end of file
+
+set -e  # Beende Skript bei Fehlern
+set -o pipefail  # Fehler in Pipelines nicht ignorieren
+
+# Starte Redis
+redis-server --daemonize yes
+
+# Starte Celery Worker im Hintergrund
+celery -A konova worker --loglevel=info &
+
+# Starte Nginx als Hintergrundprozess
+nginx -g "daemon off;" &
+
+# Setze Gunicorn Worker-Anzahl (Standard: (2*CPUs)+1)
+WORKERS=${GUNICORN_WORKERS:-$((2 * $(nproc) + 1))}
+
+# Stelle sicher, dass Logs existieren
+mkdir -p /var/log/gunicorn
+touch /var/log/gunicorn/access.log /var/log/gunicorn/error.log
+
+# Starte Gunicorn als Hauptprozess
+exec gunicorn --workers="$WORKERS" konova.wsgi:application \
+    --bind=0.0.0.0:8000 \
+    --access-logfile /var/log/gunicorn/access.log \
+    --error-logfile /var/log/gunicorn/error.log
diff --git a/nginx.conf b/nginx.conf
index 660dacb8..63bfaabd 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -1,21 +1,25 @@
-upstream konova {
-    server localhost:8000;
-}
-
 server {
-
     listen 80;
     client_max_body_size 25M;
 
     location / {
-        proxy_pass http://konova;
+        proxy_pass http://127.0.0.1:8000;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header Host $host;
         proxy_redirect off;
+        proxy_cache_bypass $http_upgrade;
     }
 
     location /static/ {
         alias /konova/static/;
+        access_log /var/log/nginx/access.log;
+        autoindex off;
+        types {
+            text/css css;
+            application/javascript js;
+        }
     }
 
+    error_log /var/log/nginx/error.log;
 }

From f5f3246e89142cbde61c934c7cb0f47d94cc24ba Mon Sep 17 00:00:00 2001
From: mpeltriaux <Michel_Peltriaux@web.de>
Date: Mon, 24 Mar 2025 14:17:08 +0100
Subject: [PATCH 2/2] # Docker enhancements

* optimizes nginx.conf
   * better logging of proxied requests
---
 docker-entrypoint.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index f9733abe..f232d262 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -23,4 +23,5 @@ touch /var/log/gunicorn/access.log /var/log/gunicorn/error.log
 exec gunicorn --workers="$WORKERS" konova.wsgi:application \
     --bind=0.0.0.0:8000 \
     --access-logfile /var/log/gunicorn/access.log \
-    --error-logfile /var/log/gunicorn/error.log
+    --error-logfile /var/log/gunicorn/error.log \
+    --access-logformat '%({x-real-ip}i)s via %(h)s %(l)s %(u)s %(t)s "%(r)s" %(s)s %(b)s "%(f)s" "%(a)s"'