mocode-software/meldestelle
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

build: optimize Postgres container configuration for performance and stability

Browse Source 
Updated `dc-infra.yaml` to enable automatic restart (`unless-stopped`), introduce dynamic memory allocations via environment variables, and adjust healthcheck intervals for reduced load. Enhanced `postgresql.conf` with performance tuning comments, schema search path inclusion for Keycloak and app users, and SSL adjustments for internal communication.
This commit is contained in:
Stefan Mogeritsch 2026-02-12 13:15:53 +01:00
parent f470e88e9f
commit 0ebcfaa3b7
2 changed files with 22 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
config/docker/postgres/postgresql.conf
View File

@ -1,6 +1,10 @@
# PostgreSQL Configuration File # PostgreSQL Configuration File
# Optimized for Meldestelle application # Optimized for Meldestelle application
# Alle anderen Performance-Werte (shared_buffers etc.) können hier auf
# den niedrigen Werten bleiben, da sie durch den 'command' oben
# in der docker-compose dynamisch überschrieben werden.
# Connection Settings # Connection Settings
listen_addresses = '*' listen_addresses = '*'
max_connections = 100 max_connections = 100
@ -65,8 +69,9 @@ autovacuum_analyze_scale_factor = 0.025
autovacuum_vacuum_cost_delay = 20ms autovacuum_vacuum_cost_delay = 20ms
autovacuum_vacuum_cost_limit = 2000 autovacuum_vacuum_cost_limit = 2000
# Statement Behavior # OPTIMIERUNG: Search Path für Keycloak und App-User
search_path = '"$user", public' # Postgres sucht erst im Schema des Users, dann in public, dann in keycloak.
search_path = '"$user", public, keycloak'
row_security = on row_security = on
# Client Connection Defaults # Client Connection Defaults
@ -78,7 +83,7 @@ idle_in_transaction_session_timeout = 600000 # 10 minutes, prevents idle transa
# Disk # Disk
temp_file_limit = 1GB # Limits temp file size temp_file_limit = 1GB # Limits temp file size
# SSL # OPTIMIERUNG: SSL deaktiviert lassen für interne Kommunikation
ssl = off ssl = off
ssl_prefer_server_ciphers = on ssl_prefer_server_ciphers = on

18
dc-infra.yaml
View File

@ -9,7 +9,8 @@ services:
postgres: postgres:
image: "${POSTGRES_IMAGE:-postgres:16-alpine}" image: "${POSTGRES_IMAGE:-postgres:16-alpine}"
container_name: "${PROJECT_NAME:-meldestelle}-postgres" container_name: "${PROJECT_NAME:-meldestelle}-postgres"
restart: no # OPTIMIERUNG: Automatischer Neustart bei System-Reboot
restart: unless-stopped
ports: ports:
- "${POSTGRES_PORT:-5432:5432}" - "${POSTGRES_PORT:-5432:5432}"
environment: environment:
@ -21,13 +22,22 @@ services:
- "./config/docker/postgres:/docker-entrypoint-initdb.d:Z" - "./config/docker/postgres:/docker-entrypoint-initdb.d:Z"
- "./config/docker/postgres/postgresql.conf:/etc/postgresql/postgresql.conf:Z" - "./config/docker/postgres/postgresql.conf:/etc/postgresql/postgresql.conf:Z"
profiles: [ "infra", "all" ] profiles: [ "infra", "all" ]
command: [ "postgres", "-c", "config_file=/etc/postgresql/postgresql.conf" ] # OPTIMIERUNG: Dynamische Speicherzuweisung via .env Overrides
command:
- "postgres"
- "-c"
- "config_file=/etc/postgresql/postgresql.conf"
- "-c"
- "shared_buffers=${POSTGRES_SHARED_BUFFERS:-256MB}"
- "-c"
- "effective_cache_size=${POSTGRES_EFFECTIVE_CACHE_SIZE:-768MB}"
healthcheck: healthcheck:
test: [ "CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}" ] test: [ "CMD-SHELL", "pg_isready -U ${POSTGRES_USER} -d ${POSTGRES_DB}" ]
interval: "5s" # OPTIMIERUNG: Höheres Intervall (10s), um Zora im Normalbetrieb zu entlasten
interval: "10s"
timeout: "5s" timeout: "5s"
retries: "5" retries: "5"
start_period: "10s" start_period: "5s"
networks: networks:
meldestelle-network: meldestelle-network:
aliases: aliases: