v1.4.0 #6

Merged
BrunoRNS merged 6 commits into main from develop on Dec 23, 2025

@BrunoRNS


Summary

This PR improves the containerized deployment with a focus on security, performance, and maintainability, while keeping a single-container setup suitable for low-resource and free hosting environments.

No application logic was changed.

Changes

Runtime & Architecture

  • Switch application runtime to ASGI using gunicorn + uvicorn.workers.UvicornWorker
  • Remove dependency on Django Channels (no WebSocket usage)
  • Keep Django running in ASGI mode for improved concurrency and future compatibility

Security

  • Run nginx and the application as a non-root user
  • Use a local, non-root-friendly nginx.conf
  • Avoid runtime mutation of system configuration files
  • Remove sensitive files (.env, .secret) during build
  • Add a concise SECURITY.md with responsible disclosure guidance (hobby project, no SLA)

Performance & Image Size

  • Switch base image to python:3.11-alpine
  • Reduce image size and build time
  • Improve Docker layer caching by installing dependencies before copying source code

Maintenance & Cleanup

  • Simplify entrypoint.sh (no fixed sleep, no sed or chown at runtime)
  • Ensure clean shutdown by running nginx as PID 1
  • Keep configuration minimal and explicit

Notes

  • Designed for environments where docker-compose is not available
  • HTTP-only by design (no WebSocket support)
  • Suitable for hobby and personal projects without guaranteed SLAs

Updated proxy_pass to use 127.0.0.1 and added additional headers for security.
Changed the shell interpreter from bash to sh and updated Gunicorn options.
Added a security policy outlining vulnerability reporting, supported versions, scope, and responsible disclosure.
@BrunoRNS BrunoRNS merged commit 379e7f0 into main Dec 23, 2025
2 checks passed
@BrunoRNS BrunoRNS deleted the develop branch December 23, 2025 15:27
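
For the "Remove sensitive files (.env, .secret) during build" item, a check that can be run on the resulting image (an added example, not code from this PR): a file copied in one layer and deleted in a later one is still stored in the earlier layer, so the scan walks every layer of a `docker save` archive. The two-layer sample image, its layer names and the helpers `_tar` and `build_sample_image` are constructed for illustration; how this PR actually removes the files is not shown on the page.

```python
import io, json, tarfile

SENSITIVE = {".env", ".secret"}  # file names from the PR description

def find_secrets_in_layers(image_tar: bytes):
    """Return (layer_index, path) for every sensitive file stored in any
    layer of a `docker save` archive, even if a later layer deletes it."""
    hits = []
    with tarfile.open(fileobj=io.BytesIO(image_tar)) as image:
        manifest = json.load(image.extractfile("manifest.json"))
        for index, layer_name in enumerate(manifest[0]["Layers"]):
            layer_bytes = image.extractfile(layer_name).read()
            # default mode "r" auto-detects plain or compressed layer tars
            with tarfile.open(fileobj=io.BytesIO(layer_bytes)) as layer:
                for member in layer.getmembers():
                    base = member.name.rsplit("/", 1)[-1]
                    if member.isfile() and base in SENSITIVE:
                        hits.append((index, member.name))
    return hits

def _tar(files):
    """Pack {name: bytes} into an in-memory tar (hypothetical test helper)."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as archive:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            archive.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def build_sample_image(deleted_in_later_layer: bool) -> bytes:
    """Constructed image: either .env is copied in and removed by a later
    layer (whiteout entry .wh..env), or it never enters the image."""
    if deleted_in_later_layer:
        layers = [_tar({"app/.env": b"SECRET_KEY=constructed", "app/manage.py": b""}),
                  _tar({"app/.wh..env": b""})]
    else:
        layers = [_tar({"app/manage.py": b""})]
    files = {f"layer{i}.tar": data for i, data in enumerate(layers)}
    files["manifest.json"] = json.dumps([{"Layers": list(files)}]).encode()
    return _tar(files)

if __name__ == "__main__":
    for case in (True, False):
        print(case, find_secrets_in_layers(build_sample_image(case)))
```

On a real image, pass the bytes written by `docker save`; an empty result means no layer carries the files, which is what excluding them from the build context (for example via `.dockerignore`) achieves.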