From 638d656cb6d9fea17d8065ea8ac173a99518ada2 Mon Sep 17 00:00:00 2001
From: Nico Vaatstra <nico.vaatstra@open-xchange.com>
Date: Wed, 13 Dec 2023 15:01:10 +0100
Subject: [PATCH] Supervisor in Auth container image

---
 Docker-README.md | 18 ++++++++++++++++++
 Dockerfile-auth  |  4 ++--
 2 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/Docker-README.md b/Docker-README.md
index 504d89b066..84700e84e5 100644
--- a/Docker-README.md
+++ b/Docker-README.md
@@ -58,3 +58,21 @@ There are multiple ways of dealing with these restrictions if you encounter them
     * Auth & Recursor: `local-address` and/or `local-port`
 
 Note: Docker Engine 20.10.0 (released december 2020) removed the need to set the `NET_BIND_SERVICE` capability when attempting to bind to a privileged port.
+
+## Auth and Supervisord
+
+The auth image uses `tini` as init process to run auth via the startup.py wrapper. However, it also has `supervisord` available for special use cases. Example scenarios for using `supervisord` include:
+
+* Running multiple processes (ie: auth + ixfrdist) within the same container - Generally not advisable, but has benefits in some cases
+* Allowing restarts of processes within a container without having the entire container restart - Primarily has benefits in Kubernetes where you could have a process (ixfrdist for example) restart when a mounted configmap containing the process' configuration is observed to be modified.
+
+To use `supervisord` as within Kubernetes, you can configure the container with the following:
+
+```yaml
+command: ["supervisord"]
+args:
+  - "--configuration"
+  - "/path/to/supervisord.conf"
+```
+
+In the above example `/path/to/supervisord.conf` is the path where a configmap containing your supervisord configuration is mounted. Further details about `supervisord` and how to configure it can be found here: http://supervisord.org/configuration.html
\ No newline at end of file
diff --git a/Dockerfile-auth b/Dockerfile-auth
index bde213083a..c600200615 100644
--- a/Dockerfile-auth
+++ b/Dockerfile-auth
@@ -72,8 +72,8 @@ FROM debian:11-slim
 RUN apt-get update && apt-get -y dist-upgrade && apt-get clean
 
 # Ensure python3 and jinja2 is present (for startup script), and sqlite3 (for db schema), and tini (for signal management),
-#   and vim (for pdnsutil edit-zone) 
-RUN apt-get install -y python3 python3-jinja2 sqlite3 tini libcap2-bin vim-tiny && apt-get clean
+#   and vim (for pdnsutil edit-zone) , and supervisor (for special use cases requiring advanced process management)
+RUN apt-get install -y python3 python3-jinja2 sqlite3 tini libcap2-bin vim-tiny supervisor && apt-get clean
 
 # Output from builder
 COPY --from=builder /build /
-- 
2.47.2