From 41980212129c4bffcfce9297d5bc768c66b98b7a Mon Sep 17 00:00:00 2001
From: Oscar Krause <oscar.krause@collinwebdesigns.de>
Date: Tue, 3 Jan 2023 18:10:02 +0100
Subject: [PATCH] README.md - fixed windows issue with
 `/leasing/v1/lessor/shutdown`

---
 README.md          |  25 ++++++++++-
 docker-compose.yml | 108 +++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 131 insertions(+), 2 deletions(-)
 create mode 100644 docker-compose.yml

diff --git a/README.md b/README.md
index e64effa..9642367 100644
--- a/README.md
+++ b/README.md
@@ -11,7 +11,8 @@ Only the clients need a connection to this service on configured port.
 
 ## ToDo's
 
-- Support http mode for using external https proxy (disable uvicorn ssl for using behind proxy)
+- check why windows guests display "can't acquire license" although in log there is no message displayed and license is
+  also acquired successfully
 
 ## Endpoints
 
@@ -102,6 +103,8 @@ docker run -e DLS_URL=`hostname -i` -e DLS_PORT=443 -p 443:443 -v $WORKING_DIR:/
 
 **Docker-Compose / Deploy stack**
 
+Goto [`docker-compose.yml`](docker-compose.yml) for more advanced example.
+
 ```yaml
 version: '3.9'
 
@@ -439,7 +442,10 @@ Dec 20 17:53:34 ubuntu-grid-server nvidia-gridd[10354]: License acquired success
 
 </details>
 
-### Error on releasing leases on shutdown
+### Error on releasing leases on shutdown (fixed in 1.3 by using reverse proxy)
+
+**UPDATE for version `1.3`**: This issue can be fixed by using a reverse proxy (e.g. `nginx`). Please read section
+below.
 
 The driver wants to release current leases on shutting down windows. This endpoint needs to be a http endpoint and
 is currently not implemented. The error message looks like and safely can be ignored (since we have no license
@@ -452,6 +458,21 @@ limitation :P):
 <0>:End Logging
 ```
 
+#### log with 1.3 and nginx as reverse proxy
+
+```
+<1>:NLS initialized
+<2>:NLS initialized
+<1>:Valid GRID license not found. GPU features and performance will be fully degraded. To enable full functionality please configure licensing details.
+<1>:License acquired successfully. (Info: 192.168.178.33, NVIDIA RTX Virtual Workstation; Expiry: 2023-1-4 16:48:20 GMT)
+<2>:Valid GRID license not found. GPU features and performance will be fully degraded. To enable full functionality please configure licensing details.
+<2>:License acquired successfully from local trusted store. (Info: 192.168.178.33, NVIDIA RTX Virtual Workstation; Expiry: 2023-1-4 16:48:20 GMT)
+<2>:End Logging
+<1>:End Logging
+<0>:License returned successfully. (Info: 192.168.178.33)
+<0>:End Logging
+```
+
 # Credits
 
 Thanks to vGPU community and all who uses this project and report bugs.
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..2411067
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,108 @@
+version: '3.9'
+
+x-dls-variables: &dls-variables
+  DLS_URL: localhost  # REQUIRED
+  DLS_PORT: 443  # must match nginx listen port
+  LEASE_EXPIRE_DAYS: 90
+  DATABASE: sqlite:////app/database/db.sqlite
+  DEBUG: false
+
+services:
+  web:
+    image: nginx
+    ports:
+      # thees are ports where nginx (!) is listen to
+      - "80:80"  # for "/leasing/v1/lessor/shutdown" used by windows guests, can't be changed!
+      - "443:443"  # first part must match "DLS_PORT"
+    volumes:
+      - /opt/docker/fastapi-dls/cert:/opt/cert
+    healthcheck:
+      test: [ "CMD", "curl", "--insecure", "--fail", "https://localhost/-/health" ]
+      interval: 10s
+      timeout: 5s
+      retries: 3
+      start_period: 30s
+    command: |
+      bash -c 'bash -s <<"EOF"
+      cat > /etc/nginx/nginx.conf <<"EON"
+      daemon off;
+      user root;
+      worker_processes auto;
+      
+      events {
+        worker_connections 1024;
+      }
+      
+      http {
+        gzip on;
+        gzip_disable "msie6";
+        include /etc/nginx/mime.types;
+      
+        upstream dls-backend {
+          server dls:443;
+        }
+      
+        server {
+          listen 443 ssl http2 default_server;
+          listen [::]:443 ssl http2 default_server;
+      
+          root /var/www/html;
+          index index.html;
+          server_name _;
+      
+          ssl_certificate "/opt/cert/webserver.crt";
+          ssl_certificate_key "/opt/cert/webserver.key";
+          ssl_session_cache shared:SSL:1m;
+          ssl_session_timeout  10m;
+          ssl_protocols TLSv1.3 TLSv1.2;
+          # ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305";
+          # ssl_ciphers PROFILE=SYSTEM;
+          ssl_prefer_server_ciphers on;
+      
+          location / {
+            proxy_ssl_verify off;
+            proxy_set_header Host $$http_host;
+            proxy_set_header X-Real-IP $$remote_addr;
+            proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $$scheme;
+            proxy_pass https://dls-backend$$request_uri;
+          }
+        }
+      
+        server {
+          listen 80;
+          listen [::]:80;
+      
+          root /var/www/html;
+          index index.html;
+          server_name _;
+      
+          location /leasing/v1/lessor/shutdown {
+            proxy_ssl_verify off;
+            proxy_set_header Host $$http_host;
+            proxy_set_header X-Real-IP $$remote_addr;
+            proxy_set_header X-Forwarded-For $$proxy_add_x_forwarded_for;
+            proxy_set_header X-Forwarded-Proto $$scheme;
+            proxy_pass https://dls-backend/leasing/v1/lessor/shutdown;
+          }
+      
+          location / {
+            return 301 https://dls-backend$$request_uri;
+          }
+        }
+      }
+      EON
+      cat /etc/nginx/nginx.conf
+      nginx
+      EOF'
+  dls:
+    image: collinwebdesigns/fastapi-dls:latest
+    restart: always
+    environment:
+      <<: *dls-variables
+    volumes:
+      - /opt/docker/fastapi-dls/cert:/app/cert
+      - db:/app/database
+
+volumes:
+  db: