From fabeaf79d8799d94ff7d5c87be19f6cf99cc7f1b Mon Sep 17 00:00:00 2001 From: rajashish147 Date: Fri, 3 Apr 2026 15:38:01 +0530 Subject: [PATCH 1/3] feat(docker): update Grafana service configuration and add healthcheck --- infra/docker-compose.monitoring.yml | 11 +++++++++-- infra/nginx/api.conf | 4 ++-- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/infra/docker-compose.monitoring.yml b/infra/docker-compose.monitoring.yml index 8f80053..095772b 100644 --- a/infra/docker-compose.monitoring.yml +++ b/infra/docker-compose.monitoring.yml @@ -141,8 +141,8 @@ services: image: grafana/grafana:10.4.2 container_name: grafana restart: unless-stopped - ports: - - "127.0.0.1:3001:3000" + expose: + - "3000" environment: - GF_SECURITY_ADMIN_PASSWORD=${GRAFANA_ADMIN_PASSWORD} @@ -169,6 +169,13 @@ services: max-size: "10m" max-file: "3" + healthcheck: + test: ["CMD", "wget", "--spider", "-q", "http://localhost:3000/api/health"] + interval: 30s + timeout: 5s + retries: 3 + start_period: 30s + node-exporter: image: prom/node-exporter:v1.8.1 container_name: node-exporter diff --git a/infra/nginx/api.conf b/infra/nginx/api.conf index 3f1e525..b72834a 100644 --- a/infra/nginx/api.conf +++ b/infra/nginx/api.conf @@ -217,10 +217,10 @@ server { proxy_buffering on; } - # Grafana (Cloudflare + localhost only) + # Grafana (Cloudflare + localhost only, via Docker service DNS) location /monitor/ { if ($is_trusted_source = 0) { return 403; } - proxy_pass http://127.0.0.1:3333/monitor/; + proxy_pass http://grafana:3000/; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade; From 5e84b19d31aafa8ce185de47f92e01478ccbdc78 Mon Sep 17 00:00:00 2001 From: rajashish147 Date: Fri, 3 Apr 2026 15:42:11 +0530 Subject: [PATCH 2/3] feat(nginx): add Docker DNS resolution for upstream service names --- infra/nginx/api.conf | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/infra/nginx/api.conf b/infra/nginx/api.conf index b72834a..cbb5021 100644 --- a/infra/nginx/api.conf +++ b/infra/nginx/api.conf @@ -97,6 +97,17 @@ server { server_tokens off; + # ───────────────────────────────────────────────────────────────────────────── + # Docker DNS Resolution (CRITICAL for service name upstreams) + # + # Enables runtime DNS resolution for Docker service names (e.g., grafana:3000). + # Without this, Nginx fails at config-load with: "host not found in upstream". + # Docker's embedded resolver is at 127.0.0.11:53. + # valid=10s caches DNS lookups for 10 seconds. + # ───────────────────────────────────────────────────────────────────────────── + resolver 127.0.0.11 valid=10s; + resolver_timeout 5s; + # safer host validation (still simple) if ($host !~* ^(__API_HOSTNAME__|localhost|127\.0\.0\.1)$) { return 444; From c553275fe87749f10741b9975e1f6d12f6dbee40 Mon Sep 17 00:00:00 2001 From: rajashish147 Date: Fri, 3 Apr 2026 15:46:23 +0530 Subject: [PATCH 3/3] feat(nginx): use variable for Grafana upstream in /monitor/ location --- infra/nginx/api.conf | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/infra/nginx/api.conf b/infra/nginx/api.conf index cbb5021..df8aa21 100644 --- a/infra/nginx/api.conf +++ b/infra/nginx/api.conf @@ -231,7 +231,8 @@ server { # Grafana (Cloudflare + localhost only, via Docker service DNS) location /monitor/ { if ($is_trusted_source = 0) { return 403; } - proxy_pass http://grafana:3000/; + set $grafana_upstream "http://grafana:3000"; + proxy_pass $grafana_upstream; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection $connection_upgrade;