Add nginx

Dockerfile

@@ -1,7 +1,7 @@
 ARG AZLINUX_BASE_VERSION=master
 
 # Base stage with python-build-base
-FROM quay.io/cdis/python-build-base:${AZLINUX_BASE_VERSION} as base
+FROM quay.io/cdis/python-build-base:${AZLINUX_BASE_VERSION} AS base
 
 # Comment this in, and comment out the line above, if quay is down
 # FROM 707767160287.dkr.ecr.us-east-1.amazonaws.com/gen3/python-build-base:${AZLINUX_BASE_VERSION} as base
@@ -22,7 +22,7 @@ RUN groupadd -g 1000 gen3 && \
 
 
 # Builder stage
-FROM base as builder
+FROM base AS builder
 
 USER gen3
 
@@ -49,6 +49,24 @@ FROM base
 COPY --from=builder /venv /venv
 COPY --from=builder /$appname /$appname
 
+# install nginx
+RUN yum install nginx postgresql-devel -y
+
+# allow nginx to bind to port 80
+RUN setcap 'cap_net_bind_service=+ep' /usr/sbin/nginx
+
+# chown nginx directories
+RUN chown -R gen3:gen3 /var/log/nginx
+
+# pipe nginx logs to stdout and stderr
+RUN ln -sf /dev/stdout /var/log/nginx/access.log && ln -sf /dev/stderr /var/log/nginx/error.log
+
+# create /var/lib/nginx/tmp/client_body to allow nginx to write to fence
+RUN mkdir -p /var/lib/nginx/tmp/client_body
+RUN chown -R gen3:gen3 /var/lib/nginx/
+
+# copy nginx config
+COPY ./deployment/nginx/nginx.conf /etc/nginx/nginx.conf
 
 # Switch to non-root user 'gen3' for the serving process
 USER gen3
@@ -60,4 +78,4 @@ ENV PYTHONUNBUFFERED=1 \
 
 WORKDIR /var/www/${appname}
 
-CMD ["gunicorn", "-c", "/peregrine/deployment/wsgi/gunicorn.conf.py"]
+CMD ["/peregrine/dockerrun.bash"]

deployment/nginx/nginx.conf

@@ -0,0 +1,44 @@
+user gen3;
+worker_processes auto;
+error_log /var/log/nginx/error.log notice;
+pid /var/lib/nginx/nginx.pid;
+
+# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
+include /usr/share/nginx/modules/*.conf;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /var/log/nginx/access.log  main;
+
+    sendfile            on;
+    tcp_nopush          on;
+    keepalive_timeout   65;
+    types_hash_max_size 4096;
+
+    include             /etc/nginx/mime.types;
+    default_type        application/octet-stream;
+
+    # Load modular configuration files from the /etc/nginx/conf.d directory.
+    # See http://nginx.org/en/docs/ngx_core_module.html#include
+    # for more information.
+    include /etc/nginx/conf.d/*.conf;
+
+    server {
+
+        listen 80;
+        server_name localhost;
+
+        location / {
+            proxy_pass http://127.0.0.1:8000;
+            proxy_set_header Host $host;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        }
+    }
+}

deployment/wsgi/wsgi.py

@@ -2,4 +2,4 @@
 
 sys.path.append("/var/www/peregrine/")
 sys.path.append("/peregrine/")
-from wsgi import app as application
+from peregrine.api import app as application

dockerrun.bash

@@ -0,0 +1,2 @@
+nginx
+gunicorn -c /peregrine/deployment/wsgi/gunicorn.conf.py