From c28126504659ed08fbf959fca79ef66ab126a1df Mon Sep 17 00:00:00 2001 From: Ee Durbin Date: Thu, 20 Jul 2023 11:40:54 -0400 Subject: [PATCH] migrate from nginx buildpack --- Dockerfile.cabotage | 1 + bin/start-nginx | 70 +++++++++++++++++++ config/mime.types | 98 +++++++++++++++++++++++++++ config/{nginx.conf.erb => nginx.conf} | 18 +++-- gunicorn.conf | 2 +- 5 files changed, 178 insertions(+), 11 deletions(-) create mode 100755 bin/start-nginx create mode 100644 config/mime.types rename config/{nginx.conf.erb => nginx.conf} (95%) diff --git a/Dockerfile.cabotage b/Dockerfile.cabotage index b5cf0a50e..1b0057d71 100644 --- a/Dockerfile.cabotage +++ b/Dockerfile.cabotage @@ -1,4 +1,5 @@ FROM python:3.9-bullseye +COPY --from=ewdurbin/nginx-static:1.25.x /usr/bin/nginx /usr/bin/nginx ENV PYTHONUNBUFFERED=1 ENV PYTHONDONTWRITEBYTECODE=1 RUN mkdir /code diff --git a/bin/start-nginx b/bin/start-nginx new file mode 100755 index 000000000..6ffacb572 --- /dev/null +++ b/bin/start-nginx @@ -0,0 +1,70 @@ +#!/usr/bin/env bash + +psmgr=/tmp/nginx-buildpack-wait +rm -f $psmgr +mkfifo $psmgr + +n=1 +while getopts :f option ${@:1:2} +do + case "${option}" + in + f) FORCE=$OPTIND; n=$((n+1));; + esac +done + +# Initialize log directory. +mkdir -p /tmp/logs/nginx +touch /tmp/logs/nginx/access.log /tmp/logs/nginx/error.log +echo 'buildpack=nginx at=logs-initialized' + +# Start log redirection. +( + # Redirect nginx logs to stdout. + tail -qF -n 0 /tmp/logs/nginx/*.log + echo 'logs' >$psmgr +) & + +# Start App Server +( + # Take the command passed to this bin and start it. + # E.g. bin/start-nginx bundle exec unicorn -c config/unicorn.rb + COMMAND=${@:$n} + echo "buildpack=nginx at=start-app cmd=$COMMAND" + $COMMAND + echo 'app' >$psmgr +) & + +if [[ -z "$FORCE" ]] +then + FILE="/tmp/app-initialized" + + # We block on app-initialized so that when nginx binds to $PORT + # are app is ready for traffic. + while [[ ! -f "$FILE" ]] + do + echo 'buildpack=nginx at=app-initialization' + sleep 1 + done + echo 'buildpack=nginx at=app-initialized' +fi + +# Start nginx +( + # We expect nginx to run in foreground. + # We also expect a socket to be at /tmp/nginx.socket. + echo 'buildpack=nginx at=nginx-start' + cd /tmp + /usr/bin/nginx -p . -c /code/config/nginx.conf + echo 'nginx' >$psmgr +) & + +# This read will block the process waiting on a msg to be put into the fifo. +# If any of the processes defined above should exit, +# a msg will be put into the fifo causing the read operation +# to un-block. The process putting the msg into the fifo +# will use it's process name as a msg so that we can print the offending +# process to stdout. +read exit_process <$psmgr +echo "buildpack=nginx at=exit process=$exit_process" +exit 1 diff --git a/config/mime.types b/config/mime.types new file mode 100644 index 000000000..8d37c8636 --- /dev/null +++ b/config/mime.types @@ -0,0 +1,98 @@ +types { + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/avif avif; + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + font/woff woff; + font/woff2 woff2; + + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation + pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document + docx; + application/vnd.wap.wmlc wmlc; + application/wasm wasm; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; +} diff --git a/config/nginx.conf.erb b/config/nginx.conf similarity index 95% rename from config/nginx.conf.erb rename to config/nginx.conf index 527fdc0df..71479571a 100644 --- a/config/nginx.conf.erb +++ b/config/nginx.conf @@ -1,6 +1,5 @@ daemon off; -#Heroku dynos have at least 4 cores. -worker_processes <%= ENV['NGINX_WORKERS'] || 4 %>; +worker_processes 2; events { use epoll; @@ -15,9 +14,8 @@ http { server_tokens off; - log_format l2met 'measure#nginx.service=$request_time request_id=$http_x_request_id'; - access_log logs/nginx/access.log l2met; - error_log logs/nginx/error.log; + access_log /tmp/logs/nginx/access.log; + error_log /tmp/logs/nginx/error.log; include mime.types; default_type application/octet-stream; @@ -29,11 +27,11 @@ http { client_max_body_size 32m; upstream app_server { - server unix:/tmp/nginx.socket fail_timeout=0; + server unix:/var/run/cabotage/nginx.sock fail_timeout=0; } server { - listen <%= ENV["PORT"] %>; + listen unix:/var/run/cabotage/cabotage.sock; server_name _; keepalive_timeout 5; @@ -293,17 +291,17 @@ http { } location /static/ { - alias /app/static-root/; + alias /code/static-root/; add_header Cache-Control "max-age=604800, public"; # 604800 is 7 days } location /images/ { - alias /app/static-root/images/; + alias /code/static-root/images/; add_header Cache-Control "max-age=604800, public"; # 604800 is 7 days } location /favicon.ico { - alias /app/static-root/favicon.ico; + alias /code/static-root/favicon.ico; add_header Cache-Control "max-age=604800, public"; # 604800 is 7 days } diff --git a/gunicorn.conf b/gunicorn.conf index 7c62a6136..74207d515 100644 --- a/gunicorn.conf +++ b/gunicorn.conf @@ -1,4 +1,4 @@ -bind = 'unix:/var/run/cabotage/cabotage.sock' +bind = 'unix:/var/run/cabotage/nginx.sock' backlog = 1024 preload_app = True max_requests = 2048