Add support for authentication when connecting to external Redis instances in modular deployment mode. This enables secure Redis deployments using either password-only authentication (Redis <6) or
username + password authentication (Redis 6+ ACL).
Changes:
- Add REDIS_PASSWORD and REDIS_USER environment variables
- Implement URL encoding for special characters in passwords
- Update all Redis connection points to support auth
- Add comprehensive documentation and examples to docker-compose.yml
- Maintains full backward compatibility (empty defaults = no auth)
All authentication mechanisms have been fully tested including pasword-only authentication, Redis 6+ ACL authentication with username + password, volume-mounted configuration files, and special character handling.
Existing deployments are not effected, authentication support is entirely opt-in using docker-compose.
Also, acknowledging the fact that the docker-compose file for modular deployments has been getting out of hand with auth support, the docker-compose.yml file was re-formatted for better visibility in configuration. This seemed like a better way to go than mandating a .env file.
Implements automatic version validation for external databases in modular mode to ensure compatibility.
Changes:
- Added check_external_postgres_version() in 02-postgres.sh
- Integrated version check in entrypoint.sh after database connection
- Enforces minimum PostgreSQL version matching DispatcharrBase
- Allows newer versions with forward compatibility notice
- Rejects older versions with clear upgrade instructions
The version requirement automatically scales when DispatcharrBase is updated, requiring no manual maintenance. Only applies to modular deployments using external databases; AIO deployments are unaffected.
Tested and verified correct behavior with PostgreSQL v17, v18, and v16
Make database ports configurable for users with external PostgreSQL/Redis.
- Add POSTGRES_PORT and REDIS_PORT to docker-compose.yml (web and celery)
- Remove hardcoded CELERY_BROKER_URL (Django builds it from components)
- Add REDIS_PORT export to entrypoint.sh and profile variables
- Add Redis connection check for modular mode (matches PostgreSQL pattern)
Users can now specify custom ports for external databases:
[defaults]
POSTGRES_PORT=5432
REDIS_PORT=6379
Extend ensure_utf8_encoding() to support both internal and external PostgreSQL.
- Modular mode: Uses TCP connection with PGPASSWORD authentication
- AIO mode: Uses Unix socket as postgres user
- Explicitly set database owner during recreation (fixes missing --owner flag)
- Conversion logic (dump/drop/recreate/restore) works for both AIO and modular modes
- Skip internal PostgreSQL setup entirely when DISPATCHARR_ENV=modular
Changed the celery entrypoint to include a warning if CELERY_NICE_LEVEL is negative AND SYS_NICE is not configured (SYS_NICE is required for negative levels)
- docker-compose: added service health checks
- dockerfile: added if logic for sed command so missing files do not cause build fail
- entrypoint.celery: change migration detection to not continue until ALL migrations are applied
- entrypoint: trim django key and change external postgres check to python in case postgres binaries are missing
- docker/entrypoint.sh: Conditional PostgreSQL init/startup for modular mode
- docker/entrypoint.celery.sh: New dedicated entrypoint for celery container - prevents race condition in modular deployment
- docker/uwsgi.modular.ini: New uWSGI config without Redis/Celery daemons
- docker/Dockerfile: Add line ending fixes and chmod for entrypoints - adds cross-platform support for image builds
- docker/docker-compose.yml: Configure modular mode with DISPATCHARR_ENV - uses new celery entrypoint and adds depends_on to prevent race condition
The script was creating a group named 'dispatch' (hardcoded) while
nginx.conf expected a group matching POSTGRES_USER (e.g., 'dispatcharr').
Changes:
- Use $POSTGRES_USER for group name instead of hardcoded 'dispatch'
- Make sed command more robust to match any existing user directive
This ensures the group name matches the user name, fixing the error:
"getgrnam("dispatcharr") failed in /etc/nginx/nginx.conf:1"
Fixes#877
Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
The production uWSGI configuration (docker/uwsgi.ini) was missing the socket-timeout directive, causing it to default to 4 seconds. When clients (e.g., VLC) buffer VOD streams and temporarily stop reading from the HTTP socket, uWSGI's write operations timeout after 4 seconds, triggering premature stream cleanup and causing VOD streams to disappear from the stats page.
The fix adds socket-timeout = 600 to match the existing http-timeout = 600 value, giving uWSGI sufficient time to wait for clients to resume reading from buffered sockets. This prevents:
- uwsgi_response_write_body_do() TIMEOUT !!! errors in logs
- GeneratorExit exceptions and premature stream cleanup
- VOD streams vanishing from the stats page when clients buffer
The debug config already had socket-timeout = 3600, which is why the issue wasn't observed in debug mode. This fix aligns production behavior with the debug config while maintaining the production-appropriate 10-minute timeout duration.
This command improves docker/build-dev.sh, providing a variety of
arguments to assist building images
-h for help
-p push the build
-r Specify a different registry, such as myname on dockerhub, or
myregistry.local
-a arch[,arch] cross build to one or more architectures; .e.g. -a
linux/arm64,linux/amd64