feat: add Redis session caching to OpenVPMS community container

Co-authored-by: szaimen <42591237+szaimen@users.noreply.github.com>
Agent-Logs-Url: https://github.com/nextcloud/all-in-one/sessions/c42ae907-77ce-4b85-8b6f-a379a4b8c1c7

community-containers/openvpms/Dockerfile

@@ -3,6 +3,7 @@ FROM tomcat:9.0-jdk17-temurin-alpine
 
 ARG OPENVPMS_VERSION=2.4.0.1
 ARG MARIADB_DRIVER_VERSION=3.4.1
+ARG REDISSON_VERSION=4.3.0
 
 RUN set -ex; \
     apk upgrade --no-cache -a; \
@@ -10,6 +11,7 @@ RUN set -ex; \
         bash \
         curl \
         mariadb-client \
+        redis \
         unzip; \
     \
     # Change Tomcat's connector port from 8080 to 11001
@@ -19,6 +21,12 @@ RUN set -ex; \
     curl -fsSL -o /usr/local/tomcat/lib/mariadb-java-client.jar \
         "https://repo1.maven.org/maven2/org/mariadb/jdbc/mariadb-java-client/${MARIADB_DRIVER_VERSION}/mariadb-java-client-${MARIADB_DRIVER_VERSION}.jar"; \
     \
+    # Download Redisson JARs for Redis-backed Tomcat session management
+    curl -fsSL -o /usr/local/tomcat/lib/redisson-all.jar \
+        "https://repo1.maven.org/maven2/org/redisson/redisson-all/${REDISSON_VERSION}/redisson-all-${REDISSON_VERSION}.jar"; \
+    curl -fsSL -o /usr/local/tomcat/lib/redisson-tomcat-9.jar \
+        "https://repo1.maven.org/maven2/org/redisson/redisson-tomcat-9/${REDISSON_VERSION}/redisson-tomcat-9-${REDISSON_VERSION}.jar"; \
+    \
     # Remove default webapps
     rm -rf /usr/local/tomcat/webapps/*; \
     \

community-containers/openvpms/entrypoint.sh

@@ -9,6 +9,20 @@ until mariadb -h "${DB_HOST}" -u "${DB_USER}" -p"${DB_PASSWORD}" "${DB_NAME}" -e
 done
 echo "Database is ready."
 
+# Wait for Redis to be ready
+echo "Waiting for Redis at ${REDIS_HOST}:6379 to be ready..."
+until redis-cli -h "${REDIS_HOST}" ping 2>/dev/null | grep -q "PONG"; do
+    echo "Redis not yet available, retrying in 3 seconds..."
+    sleep 3
+done
+echo "Redis is ready."
+
+# Write the Redisson configuration for Redis-backed session management
+cat > /usr/local/tomcat/conf/redisson.yaml <<EOF
+singleServerConfig:
+  address: "redis://${REDIS_HOST}:6379"
+EOF
+
 # Write the JNDI datasource configuration, substituting env vars at runtime
 cat > /usr/local/tomcat/conf/context.xml <<EOF
 <?xml version="1.0" encoding="UTF-8"?>
@@ -23,6 +37,10 @@ cat > /usr/local/tomcat/conf/context.xml <<EOF
               maxTotal="20"
               maxIdle="10"
               maxWaitMillis="-1"/>
+    <Manager className="org.redisson.tomcat.RedissonSessionManager"
+             configPath="/usr/local/tomcat/conf/redisson.yaml"
+             readMode="REDIS"
+             updateMode="DEFAULT"/>
 </Context>
 EOF
 

community-containers/openvpms/openvpms.json

@@ -9,7 +9,8 @@
             "internal_port": "11001",
             "restart": "unless-stopped",
             "depends_on": [
-                "nextcloud-aio-openvpms-db"
+                "nextcloud-aio-openvpms-db",
+                "nextcloud-aio-openvpms-redis"
             ],
             "environment": [
                 "TZ=%TIMEZONE%",
@@ -17,7 +18,8 @@
                 "DB_HOST=nextcloud-aio-openvpms-db",
                 "DB_NAME=openvpms",
                 "DB_USER=openvpms",
-                "DB_PASSWORD=%OPENVPMS_DB_PASSWORD%"
+                "DB_PASSWORD=%OPENVPMS_DB_PASSWORD%",
+                "REDIS_HOST=nextcloud-aio-openvpms-redis"
             ],
             "secrets": [
                 "OPENVPMS_DB_PASSWORD"
@@ -39,6 +41,17 @@
                 "nextcloud_aio_openvpms"
             ]
         },
+        {
+            "container_name": "nextcloud-aio-openvpms-redis",
+            "display_name": "OpenVPMS Redis",
+            "image": "redis",
+            "image_tag": "7-alpine",
+            "hide_from_list": true,
+            "restart": "unless-stopped",
+            "tmpfs": [
+                "/data"
+            ]
+        },
         {
             "container_name": "nextcloud-aio-openvpms-db",
             "display_name": "OpenVPMS Database",

community-containers/openvpms/readme.md

@@ -5,6 +5,7 @@ This container bundles [OpenVPMS](https://openvpms.org) — an open-source veter
 - You need to enable the [Caddy community container](https://github.com/nextcloud/all-in-one/tree/main/community-containers/caddy) as it is required to expose the OpenVPMS web interface. The web interface will be available at `https://vpms.your-nc-domain.com/openvpms` once Caddy is running.
 - You need to point `vpms.your-nc-domain.com` to your server using a CNAME or A/AAAA record so that Caddy can obtain a TLS certificate automatically.
 - It is recommended to also enable the [Fail2ban community container](https://github.com/nextcloud/all-in-one/tree/main/community-containers/fail2ban) to automatically block IP addresses with too many failed login attempts.
+- A dedicated Redis instance is automatically started alongside OpenVPMS to store HTTP sessions externally, reducing JVM heap pressure and improving overall throughput.
 - The data of OpenVPMS and its database will be automatically included in AIO's backup solution!
 - See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers how to add it to the AIO stack