Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[BUG] Docker Traefik Server Operation timed out. #441

Open
wwxiaoqi opened this issue Feb 17, 2023 · 0 comments
Open

[BUG] Docker Traefik Server Operation timed out. #441

wwxiaoqi opened this issue Feb 17, 2023 · 0 comments
Labels

Comments

@wwxiaoqi
Copy link

Bug 描述

在使用 Docker Compose 配合 Traefik Server 搭建 Tiny RSS 时出现 Operation timed out.

部署方法

  • Docker Compose
  • Traefik Server
  • 使用的镜像版本:latest

部署环境

  • 操作系统: Debian 11 for Aliyun
  • 浏览器: Chrome

复现步骤

  1. 安装 Traefik Server
version: '3.7'

networks:
  default:
    name: traefik-proxy
    external: true

services:
  traefik:
    image: traefik:v2.9
    container_name: traefik-proxy
    restart: unless-stopped
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      # 监听 Docker Event
      - /var/run/docker.sock:/var/run/docker.sock
      # 储存 Let's Encrypts 的凭证内容,注意档案存取权限必须是 600 (sudo chmod 600 ./acme.json)
      - ./acme.json:/acme.json:rw
    
    command: 
      # 設定參考 https://doc.traefik.io/traefik/reference/static-configuration/cli/

      # 基础设定
      ## 启用 Dashboard
      - --api.insecure=true
      ## 启用 debug 模式
      - --api.debug=true
      ## 禁用 SSL 证书验证
      - --serversTransport.insecureSkipVerify=true
      
      # 设定 Logs
      ## Common Log
      - --log.level=info
      ## Access Log
      - --accesslog=true

      # 设定 EntryPoints
      ## http 使用
      - --entryPoints.web.address=:80
      ## https 使用
      - --entryPoints.websecure.address=:443
      
      # 设定 Providers
      ## Docker Provider
      - --providers.docker=true
      - --providers.docker.endpoint=unix:///var/run/docker.sock
      - --providers.docker.exposedByDefault=false
      - --providers.docker.defaultRule=Host(`{{ trimPrefix "/" .Name }}.funcc.cc`)
      - --providers.docker.network=traefik-proxy
      ## File Provider
      - --providers.file.watch=true
      - --providers.file.directory=/etc/traefik/dynamic/

      # 设定 Let's Encrypts
      - --certificatesresolvers.cloudflare.acme.email=${TRAEFIK_CERTRESOLVER_ACME_EMAIL}
      - --certificatesresolvers.cloudflare.acme.storage=acme.json
      - --certificatesresolvers.cloudflare.acme.tlschallenge=true

    labels:
      - "traefik.enable=true"
      - "traefik.docker.network=traefik-proxy"
      
      # 设定 Middlewares
      ## 重新导向至 https
      - "traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"

      # 设定 Router
      ## web 路由设定
      - "traefik.http.routers.traefik-dashboard-web.rule=Host(`traefik.funcc.cc`)"
      - "traefik.http.routers.traefik-dashboard-web.entrypoints=web"

      ## http redirect to https
      - "traefik.http.routers.traefik-dashboard-web.middlewares=redirect-to-https"

      ## web secure 路由设定
      - "traefik.http.routers.traefik-dashboard.rule=Host(`traefik.funcc.cc`)"
      - "traefik.http.routers.traefik-dashboard.entrypoints=websecure"
      - "traefik.http.routers.traefik-dashboard.tls=true"
      - "traefik.http.routers.traefik-dashboard.tls.certresolver=cloudflare"

      ## 设定 router 对应 traefik internal service
      - "traefik.http.routers.traefik-dashboard.service=api@internal"
  1. 安装 Tiny RSS
version: '3.7'

networks:
  default:
    name: traefik-proxy
    external: true

services:
  # Mercury 全文抓取
  rss-mercury:
    image: wangqiru/mercury-parser-api:latest
    container_name: rss-mercury
    restart: always

  # OpenCC 简体、繁体中文转换
  rss-opencc:
    image: wangqiru/opencc-api-server:latest
    container_name: rss-opencc
    environment:
      - NODE_ENV=production
    restart: always
  
  # PostgreSQL 数据库
  rss-postgres:
    image: postgres:13-alpine
    container_name: rss-postgres
    restart: always
    environment:
      - POSTGRES_USER=rss
      - POSTGRES_PASSWORD=POSTGRES_PASSWORD
    volumes:
      - ./rss_data/postgresql_data:/var/lib/postgresql/data

  # Tiny Tiny RSS 本体
  rss:
    image: wangqiru/ttrss:latest
    stdin_open: true
    restart: always
    container_name: rss
    tty: true
    environment:
      - SELF_URL_PATH=https://rss.funcc.cc/
      - DB_USER=rss
      - DB_PASS=POSTGRES_PASSWORD
    volumes:
      - ./rss_data/feed-icons:/var/www/feed-icons/
    labels:
      - "traefik.enable=true"

      # HTTP 自动跳转到 HTTPS
      - "traefik.http.routers.rss.rule=Host(`rss.funcc.cc`)"
      - "traefik.http.routers.rss.entrypoints=web"
      - "traefik.http.routers.rss.middlewares=redirect-to-https"

      # HTTPS 设定
      - "traefik.http.routers.rss-web.rule=Host(`rss.funcc.cc`)"
      - "traefik.http.routers.rss-web.entrypoints=websecure"
      - "traefik.http.routers.rss-web.tls.certresolver=cloudflare"
      - "traefik.http.routers.rss-web.service=rss-backend"

      # 监听容器内 HTTP 80 端口
      - "traefik.http.services.rss-backend.loadbalancer.server.scheme=http"
      - "traefik.http.services.rss-backend.loadbalancer.server.port=80"
  1. 出现错误

你谷歌/百度了吗?

我参考了以下内容尝试解决这个问题:

防火墙问题

#114 #313 #226 #62 根据这些 issues,我尝试添加了如以下内容:

--- diff1.yml   2023-02-17 12:37:41.250909198 +0800
+++ diff2.yml   2023-02-17 12:40:05.917580850 +0800
@@ -4,18 +4,28 @@
   default:
     name: traefik-proxy
     external: true
+  public_access:
+  service_only:
+    internal: true
+  database_only:
+    internal: true
 
 services:
   # Mercury 全文抓取
   rss-mercury:
     image: wangqiru/mercury-parser-api:latest
     container_name: rss-mercury
+    networks:
+      - public_access
+      - service_only
     restart: always
 
   # OpenCC 简体、繁体中文转换
   rss-opencc:
     image: wangqiru/opencc-api-server:latest
     container_name: rss-opencc
+    networks:
+      - service_only
     environment:
       - NODE_ENV=production
     restart: always
@@ -24,6 +34,8 @@
   rss-postgres:
     image: postgres:13-alpine
     container_name: rss-postgres
+    networks:
+      - database_only
     restart: always
     environment:
       - POSTGRES_USER=rss
@@ -38,10 +50,16 @@
     restart: always
     container_name: rss
     tty: true
+    networks:
+      - public_access
+      - service_only
+      - database_only
     environment:
       - SELF_URL_PATH=https://rss.funcc.cc/
       - DB_USER=rss
       - DB_PASS=POSTGRES_PASSWORD
+      - PUID=1000
+      - PGID=1000
     volumes:
       - ./rss_data/feed-icons:/var/www/feed-icons/
     labels:

预期结果

Docker 中的 Tiny Tiny RSS 本体经过 Traefik Server 后可正常访问 rss.funcc.cc

错误日志

rss-postgres  | PostgreSQL Database directory appears to contain a database; Skipping initialization
rss-postgres  |
rss-postgres  | 2023-02-17 04:47:27.197 UTC [1] LOG:  starting PostgreSQL 13.10 on x86_64-pc-linux-musl, compiled by gcc (Alpine 12.2.1_git20220924-r4) 12.2.1 20220924, 64-bit
rss-postgres  | 2023-02-17 04:47:27.197 UTC [1] LOG:  listening on IPv4 address "0.0.0.0", port 5432
rss-postgres  | 2023-02-17 04:47:27.197 UTC [1] LOG:  listening on IPv6 address "::", port 5432
rss-postgres  | 2023-02-17 04:47:27.202 UTC [1] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
rss-postgres  | 2023-02-17 04:47:27.207 UTC [23] LOG:  database system was shut down at 2023-02-17 03:38:43 UTC
rss-postgres  | 2023-02-17 04:47:27.218 UTC [1] LOG:  database system is ready to accept connections
rss-opencc    |
rss-opencc    | > [email protected] start /usr/src/app
rss-opencc    | > node ./bin/www
rss-opencc    |
rss-mercury   |
rss-mercury   | > [email protected] start /app
rss-mercury   | > node index.js
rss-mercury   |
rss-mercury   | 🚀Mercury Parser API listens on port 3000
rss           | Operation timed out
rss           | Operation timed out
rss           | Operation timed out
rss           | Operation timed out
rss           | Operation timed out
rss exited with code 0

其他
待添加...

@wwxiaoqi wwxiaoqi added the bug label Feb 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

1 participant