intuitem / ciso-assistant-community

CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management and supporting +44 frameworks worldwide: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, 800-171, CyFun, CJIS, AirCyber and so much more
https://intuitem.com
GNU Affero General Public License v3.0

Slow App + Evidence Attachment problem #432

Closed EvoXCX closed 1 day ago

EvoXCX commented 4 weeks ago

Describe the bug Hello, I can't upload attachments to evidences. I think the problem is deeper than that because web pages take a very long time to load. Maybe this is a problem with the reverse proxy, but I can't figure out what causes this problem.

No error log in backend and frontend containers, only this line:

2024-05-15T14:36:50.751043Z [info     ] request_finished               [django_structlog.middlewares.request] ciso_assistant_url=https://ciso.domain.com code=200 ip=172.24.0.4 request=GET /api/requirement-assessments/ request_id=560050e9-334c-4f2a-ad83-266e8ad82ad6 user_id=4194dd0e-7645-4671-a86d-2e5894caab29

To Reproduce Steps to reproduce the behavior:

  1. Go to "Evidences"
  2. Click on "Evidence Item"
  3. Add attachment to evidence
  4. No error on GUI side and CLI side
  5. Webpage doesn't react (need to reload or go back)

Expected behavior Attachment upload to selected evidence

Environment (please complete the following information):

Additional context Maybe my slow app causes the upload problem. Dunno why it is so slow, while your demonstration application is fast.

ab-smith commented 4 weeks ago

Hello @EvoXCX, thanks for the feedback.

Can you please share which version you're using and the details of your virtualization setup? I'll try to get an equivalent lab to investigate this.

Thank you

EvoXCX commented 4 weeks ago

I use the latest version, 1.3.3. My virtual machine is under VMware ESXi. The OS is Debian 12 with Docker 26.1.3, using the Docker CLI with compose to bring up the containers.

Here is docker-compose.yml

services:
  backend:
    image: ghcr.io/intuitem/ciso-assistant-community/backend:latest
    container_name: ciso_backend
    hostname: backend
    restart: always
    environment:
      - ALLOWED_HOSTS=backend
      - CISO_ASSISTANT_URL=https://ciso.domain.com
      - DJANGO_DEBUG=False
      - DJANGO_SECRET_KEY=<KEY>
      # DB
      - POSTGRES_NAME=ciso
      - POSTGRES_USER=ciso_user
      - POSTGRES_PASSWORD=<DB_PASSWORD>
      - DB_HOST=ciso_db
      - DB_PORT=5432
      # Email
      - DEFAULT_FROM_EMAIL=ciso-assistant@domain.com
      - EMAIL_HOST=<SMTP_HOST>
      - EMAIL_PORT=<SMTP_PORT>

  frontend:
    image: ghcr.io/intuitem/ciso-assistant-community/frontend:latest
    container_name: ciso_frontend
    hostname: frontend
    #build: ./frontend
    restart: always
    environment:
      - PUBLIC_BACKEND_API_URL=http://backend:8000/api
      - ORIGIN=https://ciso.domain.com
      - PROTOCOL_HEADER=x-forwarded-proto
      - HOST_HEADER=x-forwarded-host
    depends_on:
      - backend
    ports:
      - 127.0.0.1:3000:3000

  ciso_db:
    image: docker.io/postgres:latest
    container_name: ciso_db
    hostname: ciso_db
    restart: always
    environment:
      - POSTGRES_USER=ciso_user
      - POSTGRES_PASSWORD=<DB_PASSWORD>
      - POSTGRES_DB=ciso
      - PGDATA=/var/lib/postgres/data
    volumes:
      - /srv/cisoassistant/data:/var/lib/postgres/data

My Nginx reverse config

server {
        listen 443 ssl;
        listen [::]:443 ssl;

        ssl_certificate /etc/ssl/ciso/ciso.domain.com.crt;
        ssl_certificate_key /etc/ssl/ciso/ciso.domain.com.pem;
        ssl_session_timeout 1d;
        ssl_session_cache shared:MozSSL:10m;
        ssl_session_tickets off;

        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305;
        ssl_prefer_server_ciphers off;

        add_header Strict-Transport-Security "max-age=63072000" always;

        server_name ciso.domain.com;
        location / {
                proxy_pass      http://127.0.0.1:3000;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }
}
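
A consistency check between the two files posted above, as an added example that is not part of the thread or the project's code. It lists the forwarded headers the frontend container is told to read (`PROTOCOL_HEADER`, `HOST_HEADER`) that the nginx `location` does not set, and flags a missing `client_max_body_size`, in which case nginx's built-in 1m limit applies to attachment uploads. The embedded snippets are trimmed copies of the posted configuration and the function names are hypothetical.

```python
import re

# Constructed excerpts: the relevant lines of the compose file and the nginx
# server block posted above, trimmed to what the check reads.
COMPOSE_FRONTEND_ENV = """\
- PUBLIC_BACKEND_API_URL=http://backend:8000/api
- ORIGIN=https://ciso.domain.com
- PROTOCOL_HEADER=x-forwarded-proto
- HOST_HEADER=x-forwarded-host
"""
NGINX_LOCATION = """\
location / {
    proxy_pass      http://127.0.0.1:3000;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
"""

def expected_headers(env_text):
    """Header names the frontend is told to read (*_HEADER variables)."""
    found = re.findall(r"^\s*-\s*(\w+_HEADER)=(\S+)", env_text, re.M)
    return {value.lower(): name for name, value in found}

def proxy_headers(nginx_text):
    """Header names set with proxy_set_header, ignoring '#' comments."""
    text = re.sub(r"#.*", "", nginx_text)
    return {h.lower() for h in re.findall(r"proxy_set_header\s+(\S+)\s+[^;]+;", text)}

def directive(nginx_text, name):
    """Value of a one-argument directive, or None if it is absent."""
    m = re.search(rf"^\s*{re.escape(name)}\s+([^;]+);", re.sub(r"#.*", "", nginx_text), re.M)
    return m.group(1).strip() if m else None

def audit(env_text, nginx_text):
    """Return findings where the proxy and frontend settings do not line up."""
    findings = []
    set_by_proxy = proxy_headers(nginx_text)
    for header, var in sorted(expected_headers(env_text).items()):
        if header not in set_by_proxy:
            findings.append(f"{var}={header}: no proxy_set_header for it")
    if directive(nginx_text, "client_max_body_size") is None:
        # nginx's built-in default limit for request bodies is 1m.
        findings.append("client_max_body_size unset: nginx default 1m applies to uploads")
    return findings

if __name__ == "__main__":
    for line in audit(COMPOSE_FRONTEND_ENV, NGINX_LOCATION):
        print("CHECK:", line)
```
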

NaschR commented 2 weeks ago

Same problem for us: the app is very slow when requesting a change in the DB or signing in.

ab-smith commented 1 week ago

@EvoXCX and @NaschR I believe that both of you are using Postgres instead of SQLite, nginx instead of Caddy and virtualisation on ESXi instead of Proxmox?

ab-smith commented 1 week ago

Also, what resources have you allocated to the VM, please? The minimum requirements are 2 cores and 2 Gi Memory

NaschR commented 1 week ago

I'm using SQLite, Caddy and ESXi; resources are 3 cores and 3 gigs of RAM.

EvoXCX commented 1 week ago

I'm using Postgres, Nginx and ESXi, with 4 cores and 6Go RAM

ab-smith commented 1 week ago

OK, so you both have ESXi and nginx in common; I doubt that ESXi is doing something special here, so let me add an nginx and see how it goes. Theoretically, we should not chain reverse proxies, but let's see.

NaschR commented 1 week ago

I don't have Nginx personally

ab-smith commented 1 week ago

It's regarding your previous message about an extra proxy:

"but we have a proxy in front of everything to be able to access it from outside"

ab-smith commented 1 day ago

We've made significant performance improvements with version 1.4.2. Please try it out and let us know. Thank you

EvoXCX commented 1 day ago

Not solved at all, same problem as originally. I don't understand why there's a big latency between my action and the display action. This is the first application I've installed behind a reverse proxy that has this problem. I don't understand what is delaying the display action.

ab-smith commented 1 day ago

Hello @EvoXCX, thanks for testing. Are you sure you've updated to the latest version, right?

EvoXCX commented 1 day ago

Yes image