bd035f8c17
Nginx was closing the client connection after exactly 60 seconds on requests like clip_video (ffmpeg, 5-40 min) because send_timeout and proxy_send_timeout both default to 60s. proxy_read_timeout was already 2100s but the other two timeouts were still at defaults. With proxy_buffering off, Nginx holds the write path to the client open as soon as the upstream connection is established. If the upstream sends no data for 60s (e.g. ffmpeg processing), Nginx treats the idle write path as stalled and closes the client connection, logging 499 (Client Closed Request). Fixed: raise proxy_send_timeout and send_timeout to 2100s to match proxy_read_timeout in the main location block. Also raised the Gunicorn default timeout from 30s to 120s in gunicorn_conf.py as a belt-and-suspenders measure (AE_API_GUNICORN_TIMEOUT env var takes precedence). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Aether Framework - Docker Environment (Unified V3)
This repository provides the unified Docker orchestration and configuration for the Aether Platform. It manages the lifecycle of the Aether API (FastAPI), Aether App (SvelteKit), and supporting infrastructure (MariaDB, Redis, Nginx).
🌐 Traffic Architecture
The V3 environment uses a Dual-Network strategy to support multiple isolated stacks (test, bak, prod) on a single host while sharing core services like MariaDB or Redis.
External Internet
↓
Home Server Nginx (SSL termination, domain routing)
↓ ↓
workstation:3001 workstation:5060
(AE_APP_GATEWAY_PORT) (AE_API_GATEWAY_PORT)
↓ ↓
ae_web_dev (Docker nginx, port 80)
↓ ↓
svelte_backend fastapi_backend
(Docker DNS round-robin) (Docker DNS round-robin)
↓ ↓
ae_app replicas ae_api replicas
Key Improvements:
- Scalable Routing: Nginx uses Regex (
~^(dev|test|bak|sr|prod)?-?...) to automatically handle any environment prefix without configuration changes. - Isolated Stacks: Each deployment uses a unique
AE_NETWORK_NAMEandCONTAINER_prefix to prevent collisions. - Shared Services: Core infrastructure (DB/Redis) resides on the
aether_shared_netwhich must be created manually once.
🚀 Quick Start
1. Initialize Host Network
Before starting your first stack, create the shared internal network:
docker network create aether_shared_net
2. Initialize Directory Structure
Create the base directory and clone this environment:
sudo mkdir -p /srv/env/aether
sudo chown -R $USER:$USER /srv/env/aether
git clone https://bitbucket.org/oneskyit/one-sky-it-container-environment.git /srv/env/aether/container_env
3. Configure Environment Settings
Copy the template and update it with your unique stack identifiers:
cd /srv/env/aether/container_env
cp env.default .env
# CRITICAL: Set unique CONTAINER_ prefixes and AE_NETWORK_NAME for each stack
vim .env
3. Configure Data & Source Paths
The containers locate data and source code using absolute paths defined in your .env file. Ensure these variables point to the correct locations on your host system:
AE_API_SRC: Path to youraether_api_fastapirepository.AE_APP_SRC: Path to youraether_app_sveltekitrepository.HOSTED_FILES_SRC: Path to the physical storage for images/documents.HOSTED_TMP_SRC: Path for temporary file processing.
4. Certificates & Database
- SSL: Place your wild-card certificates in
conf/certs/(matching the filenames indocker-compose.yml). - Database: Use the restoration scripts (see below) to import a MariaDB snapshot.
🛠️ Management Commands
Orchestration (Unified Stack)
docker compose up -d --build # Build and start all services (Autonomous SvelteKit build)
docker compose down # Stop all services
docker compose restart ae_app # Restart the SvelteKit UI
docker compose restart ae_api # Restart the FastAPI Backend
Deployment Workflow
The SvelteKit application is built inside the container. You can control the build mode (which bakes in the correct PUBLIC_ variables) via the .env file:
- Set
AE_APP_BUILD_MODE=stagingfor development/testing. - Set
AE_APP_BUILD_MODE=prodfor production.
Then run:
docker compose up -d --build ae_app
🗄️ Database Management (Physical Backups)
... (rest of the file remains the same) ...
The system uses physical hot backups via mariabackup for maximum speed and data integrity.
User-Facing Scripts
These scripts are located in the root directory:
./backup_db.sh: Triggers an immediate hot backup. Results are stored inbackups/../export_db.sh: Creates a "Conference Ready" backup inbackups/conference_export/with host-user ownership../restore_db.sh [backup_file.gz]: Performs a full "Clean Slate" restoration.- Warning: This stops MariaDB, archives current data, and resets
rootpasswords to match your.env.
- Warning: This stops MariaDB, archives current data, and resets
./check_and_import.sh: A watchdog script that monitorsbackups/import/for new snapshots and triggers automated restoration.
📂 Directory Map
conf/: Configuration templates for Nginx and Gunicorn. API config now lives in theaether_api_fastapirepo asapp/config.pyand reads settings directly from env vars.logs/: Centralized logging for all containers.srv/: Mount points for data and source code (managed via symlinks).scripts/: Internal automation logic.backups/: Storage for MariaDB snapshots.
📝 Configuration Guidelines
Environment Profiles (COMPOSE_PROFILES)
database: Includes MariaDB, phpMyAdmin, and theae_opsmaintenance service.- App-Only: Leave empty if connecting to a remote/shared database server.
Aether Config ID (AE_CFG_ID)
Specifies the record from the cfg table to load during the API bootstrap process:
1: Default / Template5: Home Development7: Live Testing
⚠️ Security Notes
- Never commit the
.envfile (it is ignored by git). - Ensure
AE_API_JWT_KEYis a unique, high-entropy string in production. - The API prioritizes
.envcredentials over DB settings for core infrastructure (SMTP/DB) to prevent accidental lockouts.