From b36266e2b2601bef1a90c4763b2b711132bf39b3 Mon Sep 17 00:00:00 2001
From: Nick Mowen <nickmowen213@gmail.com>
Date: Mon, 12 Dec 2022 14:25:51 -0700
Subject: [PATCH] Build nginx in dockerfile and enable threaded vod handling

---
 Dockerfile                                    | 23 ++++++++++-----
 docker/rootfs/usr/local/nginx/conf/nginx.conf | 28 +++++++++++--------
 2 files changed, 33 insertions(+), 18 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index bc74b5071..74bc3c6f3 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -19,8 +19,9 @@ WORKDIR /rootfs
 
 
 FROM ubuntu:20.04 AS nginx
-ARG NGINX_VERSION=1.18.0
-ARG VOD_MODULE_VERSION=1.28
+ARG DEBIAN_FRONTEND
+ARG NGINX_VERSION=1.22.1
+ARG VOD_MODULE_VERSION=1.30
 ARG SECURE_TOKEN_MODULE_VERSION=1.4
 ARG RTMP_MODULE_VERSION=1.2.1
 
@@ -30,17 +31,25 @@ RUN cp /etc/apt/sources.list /etc/apt/sources.list~ \
 
 RUN apt-get -yqq build-dep nginx
 
-RUN apt-get -yqq install --no-install-recommends curl \
+RUN apt-get -yqq install --no-install-recommends ca-certificates wget \
     && mkdir /tmp/nginx \
-    && curl -sL https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz | tar -C /tmp/nginx -zx --strip-components=1 \
+    && wget https://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz \
+    && tar -zxf nginx-${NGINX_VERSION}.tar.gz -C /tmp/nginx --strip-components=1 \
+    && rm nginx-${NGINX_VERSION}.tar.gz \
     && mkdir /tmp/nginx-vod-module \
-    && curl -sL https://github.com/kaltura/nginx-vod-module/archive/refs/tags/${VOD_MODULE_VERSION}.tar.gz | tar -C /tmp/nginx-vod-module -zx --strip-components=1 \
+    && wget https://github.com/kaltura/nginx-vod-module/archive/refs/tags/${VOD_MODULE_VERSION}.tar.gz \
+    && tar -zxf ${VOD_MODULE_VERSION}.tar.gz -C /tmp/nginx-vod-module --strip-components=1 \
+    && rm ${VOD_MODULE_VERSION}.tar.gz \
     # Patch MAX_CLIPS to allow more clips to be added than the default 128
     && sed -i 's/MAX_CLIPS (128)/MAX_CLIPS (1080)/g' /tmp/nginx-vod-module/vod/media_set.h \
     && mkdir /tmp/nginx-secure-token-module \
-    && curl -sL https://github.com/kaltura/nginx-secure-token-module/archive/refs/tags/${SECURE_TOKEN_MODULE_VERSION}.tar.gz | tar -C /tmp/nginx-secure-token-module -zx --strip-components=1 \
+    && wget https://github.com/kaltura/nginx-secure-token-module/archive/refs/tags/${SECURE_TOKEN_MODULE_VERSION}.tar.gz \
+    && tar -zxf ${SECURE_TOKEN_MODULE_VERSION}.tar.gz -C /tmp/nginx-secure-token-module --strip-components=1 \
+    && rm ${SECURE_TOKEN_MODULE_VERSION}.tar.gz \
     && mkdir /tmp/nginx-rtmp-module \
-    && curl -sL https://github.com/arut/nginx-rtmp-module/archive/refs/tags/v${RTMP_MODULE_VERSION}.tar.gz | tar -C /tmp/nginx-rtmp-module -zx --strip-components=1
+    && wget https://github.com/arut/nginx-rtmp-module/archive/refs/tags/v${RTMP_MODULE_VERSION}.tar.gz \
+    && tar -zxf v${RTMP_MODULE_VERSION}.tar.gz -C /tmp/nginx-rtmp-module --strip-components=1 \
+    && rm v${RTMP_MODULE_VERSION}.tar.gz
 
 WORKDIR /tmp/nginx
 
diff --git a/docker/rootfs/usr/local/nginx/conf/nginx.conf b/docker/rootfs/usr/local/nginx/conf/nginx.conf
index 0188fbd2d..8e544b045 100644
--- a/docker/rootfs/usr/local/nginx/conf/nginx.conf
+++ b/docker/rootfs/usr/local/nginx/conf/nginx.conf
@@ -1,6 +1,6 @@
 daemon off;
 user root;
-worker_processes  1;
+worker_processes auto;
 
 error_log  /dev/stdout warn;
 pid        /var/run/nginx.pid;
@@ -19,9 +19,12 @@ http {
 
     access_log  /dev/stdout  main;
 
-    sendfile        on;
+    # send headers in one piece, it is better than sending them one by one
+    tcp_nopush on;
 
-    keepalive_timeout  65;
+    sendfile on;
+
+    keepalive_timeout 65;
 
     gzip on;
     gzip_comp_level 6;
@@ -60,9 +63,13 @@ http {
         vod_upstream_location /api;
         vod_ignore_edit_list on;
 
-        # vod performance
+        # vod performance https://github.com/kaltura/nginx-vod-module#performance-recommendations
         vod_hls_mpegts_align_frames off;
         vod_hls_mpegts_interleave_frames on;
+        aio on;
+
+        # https://github.com/kaltura/nginx-vod-module#vod_open_file_thread_pool
+        vod_open_file_thread_pool default;
 
         # vod caches
         vod_metadata_cache metadata_cache 512m;
@@ -72,14 +79,8 @@ http {
         gzip on;
         gzip_types application/vnd.apple.mpegurl;
 
-        # file handle caching / aio
-        open_file_cache          max=1000 inactive=5m;
-        open_file_cache_valid    2m;
-        open_file_cache_min_uses 1;
-        open_file_cache_errors   on;
-        aio on;
-
         location /vod/ {
+            aio threads;
             vod hls;
 
             secure_token $args;
@@ -93,6 +94,11 @@ http {
             expires off;
         }
 
+        location /vod_status {
+			vod_status;
+			access_log off;
+		}
+
         location /stream/ {
             add_header Cache-Control "no-store";
             expires off;