Commit graph

385 commits

Author SHA1 Message Date
SergeantPanda
a7b4db83fa feat(process_label): enhance uWSGI process role detection
- Added a new function `_is_uwsgi_worker` to accurately identify when the application is running within a uWSGI worker.
- Updated `get_process_role` to label processes as "uwsgi" based on the new function or command-line arguments, improving process role accuracy.
- Expanded unit tests to cover various scenarios for uWSGI role detection, ensuring robust validation of the new logic.
2026-06-16 16:21:22 -05:00
SergeantPanda
8f060e8b3a feat: Output SD program poster images during xml output and enhance caching logic 2026-06-04 15:17:58 -05:00
Seth Van Niekerk
16cb9edcbd
blur public IP in sidebar, add ip lookup toggle and env var, make lookup non-blocking 2026-05-30 13:07:07 -04:00
SergeantPanda
f5ed272807 Merge branch 'dev' of https://github.com/Dispatcharr/Dispatcharr into pr/JCBird1012/1272 2026-05-28 19:32:10 -05:00
SergeantPanda
80b72d8cfa Enhancement: Update psycopg2 to 3. 2026-05-28 19:27:52 -05:00
SergeantPanda
9c6c2a081b fix: remove unnecessary libpq-dev dependency from Dockerfile 2026-05-28 14:31:00 -05:00
Kanishk Sachdev
2070f9e281 docker: split base image into builder and runtime stages
Keeps compilers in the builder; runtime stage copies only the venv
and NumPy wheel.
2026-05-25 04:31:42 -04:00
SergeantPanda
f84265f2a5 Enhancement: add Comskip mode and hardware acceleration settings to DVR configuration. Update default comskip config.
Some checks are pending
CI Pipeline / prepare (push) Waiting to run
CI Pipeline / docker (amd64, ubuntu-24.04) (push) Blocked by required conditions
CI Pipeline / docker (arm64, ubuntu-24.04-arm) (push) Blocked by required conditions
CI Pipeline / create-manifest (push) Blocked by required conditions
Build and Push Multi-Arch Docker Image / build-and-push (push) Waiting to run
Frontend Tests / test (push) Waiting to run
2026-05-19 21:14:06 -05:00
SergeantPanda
c33d456743 Enable gevent in uWSGI workers; fix WS delivery and DB exhaustion
- Enable gevent cooperative multitasking in all uWSGI worker configs
  (gevent-early-monkey-patch + import dispatcharr.gevent_patch)
- Rewrite WebSocket group sends to bypass asyncio in gevent workers:
  _gevent_ws_send() replicates the channels_redis 4.x wire format
  directly via synchronous Redis so send_websocket_update() and
  _send_async() no longer fail silently after epoll is patched out
- Fix PostgreSQL connection exhaustion: CONN_MAX_AGE=0 + explicit
  close_old_connections() in stream manager and cleanup watchdog loops
- Fix stream proxy race: register client before the connect-wait loop
  so the cleanup watchdog never sees zero clients on a live channel
- Channel list/logo/profile queryset optimisations: conditional DISTINCT,
  EXISTS semi-joins for filter-options, channel_count annotation to
  eliminate N+1 in LogoSerializer, prefetched memberships in
  ChannelProfileSerializer
- JsonResponse for channel ID list and summary endpoints
2026-05-14 18:55:09 -05:00
SergeantPanda
c956672587 Enhancement: Route long-running DVR recordings to a dedicated queue. 2026-04-26 09:34:20 -05:00
SergeantPanda
14a6bf4473 Initial DVR HLS refactor. 2026-04-26 09:06:48 -05:00
SergeantPanda
1289e95c93 Merge branch 'dev' of https://github.com/Dispatcharr/Dispatcharr into pr/JCBird1012/1157 2026-04-14 15:57:48 -05:00
SergeantPanda
d5e6ee0a0d Enhancement: Use Unix socket if AIO and POSTGRES_HOST is set to loopback. 2026-04-14 15:51:40 -05:00
SergeantPanda
c819a95cb5 fix: update API cache locations and improve proxy settings 2026-04-14 12:59:58 -05:00
SergeantPanda
6ad1207a0b fix: graceful container shutdown and cleanup improvements
- Explicitly stop uwsgi, celery, daphne, and redis-server on SIGTERM;
  these are spawned as uwsgi attach-daemons and were not tracked in
  pids[], causing exit 137 on docker stop
- Replace fixed sleep 3 with a polling loop (8 s ceiling) that exits as
  soon as all processes have stopped
- Use pg_ctl stop -m immediate as the postgres force-stop fallback
  instead of SIGKILL to avoid data corruption
- Add _cleanup_done guard to prevent double invocation of cleanup() when
  the trap fires and the explicit call at script end both execute
- Register process names at startup in pid_names[] so crash diagnostics
  show meaningful names after a process has exited
- Suppress the unexpected-exit diagnostic block on normal docker stop
- Guard all pgrep-based pids+=() against empty values (nginx, vite,
  postgres) to prevent empty PID entries corrupting the pids[] array
2026-04-13 20:21:01 -05:00
Shokkstokk
49db83260d fix: graceful container shutdown - exit 137 on docker stop 2026-04-10 12:36:35 -04:00
SergeantPanda
6f8ca243af fix: ensure PGSSL* environment variables are explicitly set by stripping inherited values
fix: use psycopg2.sql for safe database drop and create commands

fix: Also check POSTGRES_SSL is true before skipping default POSTGRES_PASSWORD

fix: update usage comment to reflect correct script path

fix: improve cleanup logic to conditionally remove certificate directory
2026-03-31 09:51:09 -05:00
None
763f42cfff fix: pass TLS parameters to all external connection points in modular mode
- Add setup_pg_ssl_env() to export libpq PGSSL* env vars; all child psql/pg_dump/pg_isready commands inherit TLS automatically

- Move TLS client key permission fix before external PG connections (was running after, defeating the fix)

- Enhance key fix to trigger on ownership mismatch (root-owned 0600 key unreadable by app user)

- Extract key fix to shared script (docker/init/00-fix-pg-ssl-key.sh) sourced by both entrypoints

- Default POSTGRES_PASSWORD to empty in modular mode (cert-only auth sends no spurious password)

- Propagate TLS OPTIONS to backup pg_dump/pg_restore subprocess calls via _get_pg_env()

- Pass SSL kwargs to dropdb management command's psycopg2.connect()

- Add REDIS_SSL_PARAMS to VOD proxy Redis connections missed in original TLS PR

- Add 8-scenario TLS integration test suite (PG mTLS, Redis TLS, verify-full, key fix, Celery, regression)

- Add 6 unit tests for _get_pg_env() and dropdb TLS parameter passing
2026-03-30 20:19:27 -05:00
Jonathan Caicedo
6591d1dac7 perf: use PostgreSQL Unix socket for AIO 2026-03-29 16:13:50 -04:00
SergeantPanda
456f9ef6e6
Merge pull request #1145 from Dispatcharr/user-priority-fixes
User stream limits
2026-03-27 14:18:38 -05:00
SergeantPanda
9c9de12b19 chore: remove unnecessary python-is-python3, python3-pip and streamlink from Dockerfile dependencies 2026-03-27 11:49:28 -05:00
dekzter
90a600b48f merged in dev 2026-03-26 12:17:43 -04:00
SergeantPanda
cee94282f9
Merge pull request #1128 from CodeBormen/dev
Some checks failed
CI Pipeline / prepare (push) Has been cancelled
Build and Push Multi-Arch Docker Image / build-and-push (push) Has been cancelled
Frontend Tests / test (push) Has been cancelled
CI Pipeline / docker (amd64, ubuntu-24.04) (push) Has been cancelled
CI Pipeline / docker (arm64, ubuntu-24.04-arm) (push) Has been cancelled
CI Pipeline / create-manifest (push) Has been cancelled
feat: add TLS connection support for Redis and PostgreSQL (#950)
2026-03-24 18:56:57 -05:00
SergeantPanda
58f40ff276 Bug Fix: Fixed stale references to old guideutils location. Also change dockerfile to get clear error messages during failure. 2026-03-24 13:19:48 -05:00
SergeantPanda
9da6f7794c fix: ensure PGID defaults to PUID when setting ownership for PostgreSQL SSL key (matching entrypoint.celery behavior. 2026-03-23 18:26:52 -05:00
None
b30a24e2fb feat: add TLS connection support for Redis and PostgreSQL (#950)
- Add 10 env vars for Redis/PostgreSQL TLS (REDIS_SSL, REDIS_SSL_VERIFY, REDIS_SSL_CA_CERT, REDIS_SSL_CERT, REDIS_SSL_KEY, POSTGRES_SSL, POSTGRES_SSL_MODE, POSTGRES_SSL_CA_CERT, POSTGRES_SSL_CERT, POSTGRES_SSL_KEY)
- Propagate SSL params to all Redis connection points: RedisClient, stream view, PubSub, client manager, Celery broker/result backend, Django Channels, and pre-Django startup scripts
- Add Celery SSL config via URL query string params (required by Kombu's internal URL parsing)
- Add PostgreSQL sslmode and certificate options to DATABASES config
- Add startup validation: cert file existence, URL scheme conflict detection, TLS status logging
- Add TLS error hints to Redis connection failure messages
- Add Connection Security panel in System Settings (modular mode only) showing encryption, verification, and mTLS status
- Add PG client key permission fix in web and celery entrypoints for Docker Desktop compatibility (0777 to 0600)
- Add TLS env var passthrough in entrypoint for su - login shells
- Document TLS env vars in modular docker-compose.yml
- Change env_mode from dev/prod to actual DISPATCHARR_ENV value for modular mode detection
2026-03-21 17:24:09 -05:00
None
7e22172070 fix: remove PUID auto-detect
The auto-detect read PUID/PGID from /data/db ownership (UID 102 in pre-PUID images), causing all upgrading users to run as UID 102 instead of the expected UID 1000. This broke host-side access (SSH, WinSCP), made existing DATA_DIR files unwritable, and failed comskip on recordings created before the change.
2026-03-17 19:32:07 -05:00
None
9e720f4fc7 fix: handle chown failures gracefully on external mounts
DATA_DIRS chown failures (NFS, SMB/CIFS, FUSE) crashed the container under set -e. The old image never chowned these directories, so users with external mounts had a working setup that broke on upgrade with zero config changes.

- Collect mkdir and chown failures per-directory instead of crashing
- Emit a single consolidated warning listing all affected directories with current ownership and remediation steps
- Container continues to start; Django reports at runtime if it cannot write to a specific directory
- Local volumes are unaffected: chown still runs and succeeds silently
2026-03-17 18:27:19 -05:00
None
19d3f4258f Add /data/backups to DATA_DIRS
Corrects issue with user ownership migration on previous installations with /data/backups in-use
2026-03-17 17:46:13 -05:00
SergeantPanda
cc5a0eb7f7
Merge pull request #929 from jcasimir/fix/uwsgi-gevent-segfault-clean
Fix uWSGI segfaults by disabling threads when using gevent
2026-03-15 17:45:24 -05:00
SergeantPanda
03e1061716 Bug Fix: Fix postgres lock file permissions before starting and upgrading Postgres. 2026-03-13 14:59:46 -05:00
dekzter
f69a462253 merged in dev 2026-03-13 08:22:44 -04:00
None
29525336ab replace migration port and correct variable quoting for guarding
- replaced $_pg_tmp_port with $POSTRGES_PORT in migration logic. Works because "pg_ctl stop -w" is run before entrypoint.sh restarts postgres. Verified that this does not cause a race condition.

- Correcting unquoted environment variables to prevent inappropriate variables from causing execution inconsistencies (still unquoted in comments and prints)
2026-03-12 20:25:54 -05:00
SergeantPanda
a1a2b3332f Declare CONNECT_ROLE and CONNECT_DB as local variables in promote_app_role function 2026-03-12 18:38:04 -05:00
None
52ed0fc15a fix: run PostgreSQL as PUID/PGID user to resolve ownership conflicts (#1078)
PostgreSQL now runs as the PUID/PGID user ($POSTGRES_USER) instead of the internal postgres system user (UID 102). This fixes container startup failures when PUID/PGID is set, caused by chown permission errors on restricted filesystems (NFS root_squash, CIFS) and UID collisions with the postgres system user.

Changes:
- Run all PostgreSQL operations (initdb, pg_ctl, psql) as $POSTGRES_USER
- Auto-detect PUID/PGID from existing data owner when not explicitly set
- Validate PUID/PGID (reject zero, non-numeric values) before startup
- Migrate existing data ownership with sentinel-based skip optimization
- Use trust auth for local Unix sockets, md5 for network connections
- Add promote_app_role() and ensure_app_database() as idempotent startup guarantees that handle fresh installs, upgrades, and PUID changes
- Preserve postgres role as superuser for rollback compatibility
- Centralize /data/db ownership in 02-postgres.sh (sentinel-aware)
- Add integration test suite (20 scenarios) covering fresh installs, upgrades, restarts, PUID changes, UID collisions, bind mounts, modular mode, PG major upgrades, and end-to-end web UI verification
2026-03-11 23:36:32 -05:00
None
bb2c3c228d Fix stale env vars in profile.d on container restart
- Rewrite /etc/profile.d/dispatcharr.sh on every startup instead of only on first run, so container restarts with changed env vars pick up new values
- Quote exported values to prevent breakage from special characters in POSTGRES_PASSWORD or other vars
- Update /etc/environment entries instead of skipping if already present
2026-03-06 15:27:19 -06:00
None
4f41c287ac Fix Redis flush and wait_for_redis in modular mode
- Move modular Redis wait from uWSGI exec-pre to entrypoint (exec-pre runs under 'su -' which strips Docker env vars, so DISPATCHARR_ENV and REDIS_HOST were never available)
- Selective flush in modular mode: clears stale app state (stream locks, proxy metadata) while preserving Celery broker/result keys
- AIO mode unchanged: full flushdb via uWSGI exec-pre
- Update unit tests for both flush paths
2026-03-06 15:17:32 -06:00
None
6ff81e6287 Fix modular mode deployment issues (#1045)
- Fix Postgres version check failing with restricted DB users (use $POSTGRES_DB instead of hardcoded 'postgres')
- Fix DVR recording broken in modular mode (respect DISPATCHARR_PORT instead of hardcoding 9191)
- Remove flushdb() from wait_for_redis.py to prevent Redis data loss on container restart
- Add DISPATCHARR_PORT to celery environment in docker-compose.yml
- Add depends_on health conditions for proper service startup ordering
- Add extra_hosts for host.docker.internal resolution on Linux
- Harden celery entrypoint with timeouts for JWT wait (120s) and migration wait (300s)
- Replace fragile showmigrations grep with migrate --check
- Add unit tests for DVR port resolution and flushdb removal regression
2026-03-03 17:18:16 -06:00
SergeantPanda
393bfd384c
Merge pull request #1028 from Dispatcharr/dev
Dispatcharr - v0.20.0
2026-02-26 14:05:41 -06:00
dekzter
d5349dcf4f create scripts directory 2026-02-26 14:07:34 -05:00
dekzter
6f4665e6eb merged in dev 2026-02-26 08:20:20 -05:00
SergeantPanda
9ada98936a
Merge pull request #996 from MotWakorb/patch-1
Some checks failed
Build and Push Multi-Arch Docker Image / build-and-push (push) Has been cancelled
Add restart policy to dispatcharr container
2026-02-19 14:39:54 -06:00
SergeantPanda
740ec733d1
Merge pull request #998 from MotWakorb/patch-3
Add restart policy to Docker services
2026-02-19 14:39:26 -06:00
MotWakorb
39f2f8f970
Add restart policy to Docker services
Adding a restart policy so that the default recommendation is to use unless-stopped.
2026-02-19 12:44:07 -06:00
MotWakorb
dd0f5e0b00
Add restart policy to Docker services
Adding a restart policy so that the default recommendation is to use unless-stopped.
2026-02-19 12:43:17 -06:00
MotWakorb
e7d4dbd637
Add restart policy to dispatcharr container
Adding a restart policy so that the default recommendation is to use unless-stopped.
2026-02-19 12:41:58 -06:00
SergeantPanda
daba81037d
Merge pull request #974 from patrickjmcd/main
fix: add support for legacy numpy in celery entrypoint
2026-02-17 10:44:15 -06:00
Patrick McDonagh
b1376386d5
docs: add legacy NumPy support instructions in docker-compose 2026-02-17 09:50:50 -06:00
Patrick McDonagh
a52b3dfbe5
fix: add support for legacy numpy in celery entrypoint 2026-02-12 13:08:25 -06:00
None
39646f0b01 Fix modular mode PostgreSQL/Redis connection checks
Replace raw Python AF_INET socket checks with pg_isready (PostgreSQL) and socket.create_connection (Redis) in modular deployment mode

The raw socket check may fail in some Docker environments depending on networking and DNS configurations, causing indefinite hangs. Replaced database check with native pg_isready
and memstore checck with AF_UNSPEC in the case IPv6 is enabled.

Fixes #952
2026-02-10 23:00:35 -06:00