generated from bisco/codex-bootstrap
fix: suppress application healthcheck logs
This commit is contained in:
+1
-1
@@ -21,4 +21,4 @@ USER django
|
|||||||
|
|
||||||
EXPOSE 8000
|
EXPOSE 8000
|
||||||
ENTRYPOINT ["./entrypoint.sh"]
|
ENTRYPOINT ["./entrypoint.sh"]
|
||||||
CMD ["gunicorn", "config.wsgi:application", "--bind", "0.0.0.0:8000", "--workers", "2", "--access-logfile", "-"]
|
CMD ["gunicorn", "config.wsgi:application", "--bind", "0.0.0.0:8000", "--workers", "2", "--log-level", "warning"]
|
||||||
|
|||||||
@@ -2,7 +2,7 @@
|
|||||||
set -eu
|
set -eu
|
||||||
|
|
||||||
attempt=1
|
attempt=1
|
||||||
until python manage.py migrate --noinput; do
|
until python manage.py migrate --noinput --verbosity 0; do
|
||||||
if [ "$attempt" -ge 10 ]; then
|
if [ "$attempt" -ge 10 ]; then
|
||||||
echo "Database migrations failed after $attempt attempts." >&2
|
echo "Database migrations failed after $attempt attempts." >&2
|
||||||
exit 1
|
exit 1
|
||||||
@@ -11,5 +11,5 @@ until python manage.py migrate --noinput; do
|
|||||||
sleep 2
|
sleep 2
|
||||||
done
|
done
|
||||||
|
|
||||||
python manage.py collectstatic --noinput
|
python manage.py collectstatic --noinput --verbosity 0
|
||||||
exec "$@"
|
exec "$@"
|
||||||
|
|||||||
+1
-1
@@ -67,7 +67,7 @@ services:
|
|||||||
"CMD",
|
"CMD",
|
||||||
"node",
|
"node",
|
||||||
"-e",
|
"-e",
|
||||||
"fetch('http://localhost:4321/').then(r=>{if(!r.ok)process.exit(1)}).catch(()=>process.exit(1))",
|
"fetch('http://localhost:4321/favicon.svg').then(r=>{if(!r.ok)process.exit(1)}).catch(()=>process.exit(1))",
|
||||||
]
|
]
|
||||||
interval: 10s
|
interval: 10s
|
||||||
timeout: 5s
|
timeout: 5s
|
||||||
|
|||||||
@@ -13,6 +13,11 @@ Compose health checks all services. Through the virtual host, the public health
|
|||||||
is `http://azionelab.org:8080/health/`; the aggregate content endpoint is
|
is `http://azionelab.org:8080/health/`; the aggregate content endpoint is
|
||||||
`http://azionelab.org:8080/api/site/home/`.
|
`http://azionelab.org:8080/api/site/home/`.
|
||||||
|
|
||||||
|
Frontend and backend container logs suppress successful request and informational
|
||||||
|
entries by default, while warnings and errors remain visible. NGINX retains its access
|
||||||
|
log for request-level diagnostics. The frontend health check requests a static asset so
|
||||||
|
it does not render the home page or query the CMS.
|
||||||
|
|
||||||
Test routing without changing the hosts file:
|
Test routing without changing the hosts file:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
|
|||||||
@@ -17,6 +17,9 @@
|
|||||||
retain, and delete them according to the operator's privacy policy.
|
retain, and delete them according to the operator's privacy policy.
|
||||||
- Avoid placing personal phone numbers or private contact details in logs. The API
|
- Avoid placing personal phone numbers or private contact details in logs. The API
|
||||||
legitimately exposes only contact details approved for publication.
|
legitimately exposes only contact details approved for publication.
|
||||||
|
- Frontend and backend informational/access logs are suppressed by default, reducing
|
||||||
|
routine client metadata in application logs without hiding warnings or errors. NGINX
|
||||||
|
remains the request-level access log and must receive the same retention controls.
|
||||||
- Dependency and image versions are explicit. Operators remain responsible for patch
|
- Dependency and image versions are explicit. Operators remain responsible for patch
|
||||||
upgrades, vulnerability scans, and production digest pinning.
|
upgrades, vulnerability scans, and production digest pinning.
|
||||||
- NGINX forwards the original host and standard client/protocol headers. Django trusts
|
- NGINX forwards the original host and standard client/protocol headers. Django trusts
|
||||||
|
|||||||
+4
-1
@@ -1,5 +1,8 @@
|
|||||||
FROM node:22.20-alpine
|
FROM node:22.20-alpine
|
||||||
|
|
||||||
|
ENV ASTRO_TELEMETRY_DISABLED=1 \
|
||||||
|
ASTRO_DISABLE_UPDATE_CHECK=true
|
||||||
|
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
RUN chown node:node /app
|
RUN chown node:node /app
|
||||||
|
|
||||||
@@ -12,4 +15,4 @@ COPY --chown=node:node . .
|
|||||||
|
|
||||||
EXPOSE 4321
|
EXPOSE 4321
|
||||||
|
|
||||||
CMD ["npm", "run", "dev"]
|
CMD ["./node_modules/.bin/astro", "dev"]
|
||||||
|
|||||||
@@ -1,14 +1,26 @@
|
|||||||
import { defineConfig } from "astro/config";
|
import { defineConfig } from "astro/config";
|
||||||
|
|
||||||
export default defineConfig({
|
export default defineConfig(({ command }) => ({
|
||||||
output: "static",
|
output: "static",
|
||||||
|
experimental:
|
||||||
|
command === "dev"
|
||||||
|
? {
|
||||||
|
logger: {
|
||||||
|
entrypoint: "astro/logger/node",
|
||||||
|
config: {
|
||||||
|
level: "warn",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
}
|
||||||
|
: undefined,
|
||||||
server: {
|
server: {
|
||||||
host: true,
|
host: true,
|
||||||
port: 4321,
|
port: 4321,
|
||||||
},
|
},
|
||||||
vite: {
|
vite: {
|
||||||
|
logLevel: command === "dev" ? "warn" : undefined,
|
||||||
server: {
|
server: {
|
||||||
allowedHosts: ["azionelab.org"],
|
allowedHosts: ["azionelab.org"],
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
});
|
}));
|
||||||
|
|||||||
Reference in New Issue
Block a user