From 318c6f71f242fb38cf86730fed492220f16a3fc1 Mon Sep 17 00:00:00 2001
From: Angel de la Torre <angel.dlt.1996@gmail.com>
Date: Thu, 8 Jan 2026 13:33:45 -0800
Subject: [PATCH] fix: decouple nginx health checks from PHP-FPM

Previously, nginx health probes were hitting /healthz which proxied
to PHP-FPM/Laravel, creating a dependency chain where nginx would
be marked unhealthy and restart due to database or PHP-FPM issues.

This caused:
- False nginx failures when the problem was elsewhere
- Startup race conditions (nginx checked at 45s, PHP-FPM ready at 60s)
- Cascading failures and unnecessary restarts

Changes:
- Add dedicated /nginx-health endpoint that returns 200 directly from nginx
- Update nginx liveness/readiness probes to use /nginx-health
- Reduce initialDelaySeconds (10s/5s) since nginx starts faster
- Reduce timeouts to 5s for faster failure detection

Laravel /healthz endpoint remains available for application-level
health monitoring and external tools.

Fixes nginx container restart issues in EKS.
---
 charts/restarters/templates/deployment.yaml   | 12 ++++++------
 charts/restarters/templates/nginx-config.yaml |  7 +++++++
 2 files changed, 13 insertions(+), 6 deletions(-)

diff --git a/charts/restarters/templates/deployment.yaml b/charts/restarters/templates/deployment.yaml
index 77fda9c99a..ca1a9f65b1 100644
--- a/charts/restarters/templates/deployment.yaml
+++ b/charts/restarters/templates/deployment.yaml
@@ -153,21 +153,21 @@ spec:
             {{- end }}
           livenessProbe:
             httpGet:
-              path: /healthz
+              path: /nginx-health
               port: http
               scheme: HTTP
-            initialDelaySeconds: 60
+            initialDelaySeconds: 10
             periodSeconds: 30
-            timeoutSeconds: 10
+            timeoutSeconds: 5
             failureThreshold: 3
           readinessProbe:
             httpGet:
-              path: /healthz
+              path: /nginx-health
               port: http
               scheme: HTTP
-            initialDelaySeconds: 45
+            initialDelaySeconds: 5
             periodSeconds: 10
-            timeoutSeconds: 10
+            timeoutSeconds: 5
             failureThreshold: 3
         {{- end }}
       
diff --git a/charts/restarters/templates/nginx-config.yaml b/charts/restarters/templates/nginx-config.yaml
index 0414fd0fb2..43ad33cd5b 100644
--- a/charts/restarters/templates/nginx-config.yaml
+++ b/charts/restarters/templates/nginx-config.yaml
@@ -29,6 +29,13 @@ data:
         gzip_proxied expired no-cache no-store private auth;
         gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml+rss;
 
+        # Nginx-only health check endpoint (no PHP-FPM dependency)
+        location /nginx-health {
+            access_log off;
+            return 200 "nginx ok\n";
+            add_header Content-Type text/plain;
+        }
+
         # Handle Laravel routes (including /healthz)
         location / {
             try_files $uri $uri/ @php;