alterações gerais

compose/local/django/Dockerfile

@@ -1,6 +1,4 @@
-# FROM docker.io/python:3.12.9-slim-bookworm AS python # Linha removida, já definida abaixo
 
-# Python build stage - Mantenha apenas dependências de BUILD aqui
 FROM docker.io/python:3.12.9-slim-bookworm AS python-build-stage
 
 ARG BUILD_ENVIRONMENT=local
@@ -44,9 +42,10 @@ RUN apt-get update && apt-get install --no-install-recommends -y \
     tesseract-ocr \
     tesseract-ocr-por \
     ghostscript \
+    openjdk-17-jdk \
     # libtesseract-dev \
     # Utilitários do devcontainer e outros
-    sudo git bash-completion vim ssh \
+    sudo git bash-completion vim ssh curl \
  # Limpeza
  && apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
  && rm -rf /var/lib/apt/lists/*

compose/local/django/start

@@ -4,7 +4,17 @@ set -o errexit
 set -o pipefail
 set -o nounset
 
-
+# Aplica migrações antes de iniciar o servidor
 python manage.py migrate
 
-exec python manage.py runserver_plus 0.0.0.0:8005
+# Coleta arquivos estáticos
+python manage.py collectstatic --noinput
+
+python manage.py compress --force
+
+# Inicia o servidor com Gunicorn
+exec gunicorn config.wsgi:application \
+    --bind 0.0.0.0:8005 \
+    --workers 4 \
+    --timeout 120
+# python manage.py runserver_plus 0.0.0.0:8005

compose/local/nginx/nginx.conf

@@ -0,0 +1,44 @@
+upstream django {
+    server django:8005;
+}
+
+server {
+    listen 80;
+    server_name 192.168.235.234 localhost;
+
+    client_max_body_size 10M;
+
+    location / {
+        proxy_pass http://django;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_redirect off;
+        
+        # Timeouts
+        proxy_connect_timeout 75s;
+        proxy_read_timeout 300s;
+    }
+
+    location /static/ {
+        alias /app/staticfiles/;
+        expires 30d;
+        access_log off;
+        add_header Cache-Control "public, no-transform";
+    }
+
+    location /media/ {
+        alias /app/media/;
+        expires 30d;
+        access_log off;
+        add_header Cache-Control "public, no-transform";
+    }
+
+    # Bloqueia acesso a arquivos ocultos
+    location ~ /\. {
+        deny all;
+        access_log off;
+        log_not_found off;
+    }
+}

compose/production/django/Dockerfile

@@ -1,4 +1,3 @@
-
 # define an alias for the specific python version used in this file.
 FROM docker.io/python:3.12.9-slim-bookworm AS python
 
@@ -9,77 +8,66 @@ ARG BUILD_ENVIRONMENT=production
 
 # Install apt packages
 RUN apt-get update && apt-get install --no-install-recommends -y \
-  # dependencies for building Python packages
   build-essential \
-  # psycopg dependencies
-  libpq-dev
-
+  libpq-dev \
+  wait-for-it \
+  && rm -rf /var/lib/apt/lists/*
 
 # Requirements are installed here to ensure they will be cached.
 COPY ./requirements .
 
 # Create Python Dependency and Sub-Dependency Wheels.
-RUN pip wheel --wheel-dir /usr/src/app/wheels  \
+RUN pip wheel --wheel-dir /usr/src/app/wheels \
   -r ${BUILD_ENVIRONMENT}.txt
 
-
 # Python 'run' stage
 FROM python AS python-run-stage
 
 ARG BUILD_ENVIRONMENT=production
 ARG APP_HOME=/app
 
-ENV PYTHONUNBUFFERED=1
-ENV PYTHONDONTWRITEBYTECODE=1
-ENV BUILD_ENV=${BUILD_ENVIRONMENT}
+ENV PYTHONUNBUFFERED=1 \
+    PYTHONDONTWRITEBYTECODE=1 \
+    BUILD_ENV=${BUILD_ENVIRONMENT} \
+    PATH="/home/django/.local/bin:${PATH}"
 
 WORKDIR ${APP_HOME}
 
-RUN addgroup --system django \
-  && adduser --system --ingroup django django
-
+# Create system user
+RUN addgroup --system django && \
+    adduser --system --ingroup django django
 
 # Install required system dependencies
 RUN apt-get update && apt-get install --no-install-recommends -y \
-  # psycopg dependencies
   libpq-dev \
-  # Translations dependencies
   gettext \
-  # entrypoint
-  wait-for-it \
-  # cleaning up unused files
   && apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false \
   && rm -rf /var/lib/apt/lists/*
 
-# All absolute dir copies ignore workdir instruction. All relative dir copies are wrt to the workdir instruction
-# copy python dependency wheels from python-build-stage
-COPY --from=python-build-stage /usr/src/app/wheels  /wheels/
+# Copy python dependency wheels
+COPY --from=python-build-stage /usr/src/app/wheels /wheels/
 
-# use wheels to install python dependencies
+# Install python dependencies
 RUN pip install --no-cache-dir --no-index --find-links=/wheels/ /wheels/* \
   && rm -rf /wheels/
 
-
+# Copy entrypoint and start scripts
 COPY --chown=django:django ./compose/production/django/entrypoint /entrypoint
-RUN sed -i 's/\r$//g' /entrypoint
-RUN chmod +x /entrypoint
-
+RUN sed -i 's/\r$//g' /entrypoint && \
+    chmod +x /entrypoint
 
 COPY --chown=django:django ./compose/production/django/start /start
-RUN sed -i 's/\r$//g' /start
-RUN chmod +x /start
+RUN sed -i 's/\r$//g' /start && \
+    chmod +x /start
 
-
-# copy application code to WORKDIR
+# Copy application code
 COPY --chown=django:django . ${APP_HOME}
 
-# make django owner of the WORKDIR directory as well.
-RUN chown -R django:django ${APP_HOME}
+# Fix permissions
+RUN chown -R django:django ${APP_HOME} && \
+    find ${APP_HOME} -type d -exec chmod 755 {} \; && \
+    find ${APP_HOME} -type f -exec chmod 644 {} \;
 
 USER django
 
-RUN DATABASE_URL="" \
-  DJANGO_SETTINGS_MODULE="config.settings.test" \
-  python manage.py compilemessages
-
 ENTRYPOINT ["/entrypoint"]

compose/production/django/start

@@ -1,29 +1,51 @@
 #!/bin/bash
+#!/bin/bash
 
 set -o errexit
 set -o pipefail
 set -o nounset
 
+# Configurações ajustáveis via variáveis de ambiente
+PORT=${GUNICORN_PORT:-8005}
+WORKERS=${GUNICORN_WORKERS:-$(( $(nproc) * 2 + 1 ))}
+TIMEOUT=${GUNICORN_TIMEOUT:-120}
+MAX_REQUESTS=${GUNICORN_MAX_REQUESTS:-1000}
 
+# Aplica migrações do banco de dados (com tratamento de erro)
+python /app/manage.py migrate --noinput || {
+    echo "⚠️ Falha nas migrações do banco de dados!";
+    exit 1;
+}
+
+# Coleta arquivos estáticos
 python /app/manage.py collectstatic --noinput
 
+# Verifica e comprime arquivos (se compressor ativado)
 compress_enabled() {
-python << END
+    python << END
 import sys
-
 from environ import Env
 
 env = Env(COMPRESS_ENABLED=(bool, True))
-if env('COMPRESS_ENABLED'):
-    sys.exit(0)
-else:
-    sys.exit(1)
-
+sys.exit(0 if env('COMPRESS_ENABLED') else 1)
 END
 }
 
 if compress_enabled; then
-  # NOTE this command will fail if django-compressor is disabled
-  python /app/manage.py compress
+    python /app/manage.py compress --verbosity=0 || {
+        echo "⚠️ Falha ao comprimir arquivos (django-compressor pode estar desativado)";
+    }
 fi
-exec /usr/local/bin/gunicorn config.wsgi --bind 0.0.0.0:5000 --chdir=/app
+
+# Inicia o Gunicorn com configurações otimizadas
+exec /usr/local/bin/gunicorn config.wsgi:application \
+    --bind 0.0.0.0:${PORT} \
+    --workers ${WORKERS} \
+    --timeout ${TIMEOUT} \
+    --max-requests ${MAX_REQUESTS} \
+    --worker-class sync \
+    --name diarios_oficiais_alems \
+    --access-logfile - \
+    --error-logfile - \
+    --chdir=/app
+

compose/production/nginx/nginx.conf

@@ -0,0 +1,39 @@
+worker_processes auto;
+
+events {
+    worker_connections 1024;
+}
+
+http {
+    include mime.types;
+    default_type application/octet-stream;
+
+    sendfile on;
+    keepalive_timeout 180;
+    gzip on;
+
+    server {
+        listen 80;
+        server_name _;
+
+        location / {
+            proxy_pass http://django:8005;
+            proxy_set_header Host $host;
+            proxy_set_header X-Real-IP $remote_addr;
+            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $scheme;
+        }
+
+        location /static/ {
+            alias /usr/share/nginx/static/;
+            expires 30d;
+            access_log off;
+        }
+
+        location /media/ {
+            alias /usr/share/nginx/media/;
+            expires 30d;
+            access_log off;
+        }
+    }
+}