Open wwxiaoqi opened 1 year ago
在使用 Docker Compose 配合 Traefik Server 搭建 Tiny RSS 时出现 Operation timed out.
version: '3.7'
networks: default: name: traefik-proxy external: true
services: traefik: image: traefik:v2.9 container_name: traefik-proxy restart: unless-stopped ports:
./acme.json:/acme.json:rw
command:
--serversTransport.insecureSkipVerify=true
--accesslog=true
--entryPoints.websecure.address=:443
{{ trimPrefix "/" .Name }}.funcc.cc
--providers.file.directory=/etc/traefik/dynamic/
--certificatesresolvers.cloudflare.acme.tlschallenge=true
labels:
"traefik.docker.network=traefik-proxy"
"traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
traefik.funcc.cc
"traefik.http.routers.traefik-dashboard-web.entrypoints=web"
"traefik.http.routers.traefik-dashboard-web.middlewares=redirect-to-https"
"traefik.http.routers.traefik-dashboard.tls.certresolver=cloudflare"
2. 安装 Tiny RSS ```yml version: '3.7'
services:
rss-mercury: image: wangqiru/mercury-parser-api:latest container_name: rss-mercury restart: always
rss-opencc: image: wangqiru/opencc-api-server:latest container_name: rss-opencc environment:
NODE_ENV=production restart: always
rss-postgres: image: postgres:13-alpine container_name: rss-postgres restart: always environment:
./rss_data/postgresql_data:/var/lib/postgresql/data
rss: image: wangqiru/ttrss:latest stdin_open: true restart: always container_name: rss tty: true environment:
"traefik.enable=true"
rss.funcc.cc
"traefik.http.routers.rss.middlewares=redirect-to-https"
"traefik.http.routers.rss-web.service=rss-backend"
3. 出现错误
我参考了以下内容尝试解决这个问题:
--- diff1.yml 2023-02-17 12:37:41.250909198 +0800 +++ diff2.yml 2023-02-17 12:40:05.917580850 +0800 @@ -4,18 +4,28 @@ default: name: traefik-proxy external: true + public_access: + service_only: + internal: true + database_only: + internal: true services: # Mercury 全文抓取 rss-mercury: image: wangqiru/mercury-parser-api:latest container_name: rss-mercury + networks: + - public_access + - service_only restart: always # OpenCC 简体、繁体中文转换 rss-opencc: image: wangqiru/opencc-api-server:latest container_name: rss-opencc + networks: + - service_only environment: - NODE_ENV=production restart: always @@ -24,6 +34,8 @@ rss-postgres: image: postgres:13-alpine container_name: rss-postgres + networks: + - database_only restart: always environment: - POSTGRES_USER=rss @@ -38,10 +50,16 @@ restart: always container_name: rss tty: true + networks: + - public_access + - service_only + - database_only environment: - SELF_URL_PATH=https://rss.funcc.cc/ - DB_USER=rss - DB_PASS=POSTGRES_PASSWORD + - PUID=1000 + - PGID=1000 volumes: - ./rss_data/feed-icons:/var/www/feed-icons/ labels:
Docker 中的 Tiny Tiny RSS 本体经过 Traefik Server 后可正常访问 rss.funcc.cc
rss-postgres | PostgreSQL Database directory appears to contain a database; Skipping initialization rss-postgres | rss-postgres | 2023-02-17 04:47:27.197 UTC [1] LOG: starting PostgreSQL 13.10 on x86_64-pc-linux-musl, compiled by gcc (Alpine 12.2.1_git20220924-r4) 12.2.1 20220924, 64-bit rss-postgres | 2023-02-17 04:47:27.197 UTC [1] LOG: listening on IPv4 address "0.0.0.0", port 5432 rss-postgres | 2023-02-17 04:47:27.197 UTC [1] LOG: listening on IPv6 address "::", port 5432 rss-postgres | 2023-02-17 04:47:27.202 UTC [1] LOG: listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432" rss-postgres | 2023-02-17 04:47:27.207 UTC [23] LOG: database system was shut down at 2023-02-17 03:38:43 UTC rss-postgres | 2023-02-17 04:47:27.218 UTC [1] LOG: database system is ready to accept connections rss-opencc | rss-opencc | > opencc.henry.wang@0.0.0 start /usr/src/app rss-opencc | > node ./bin/www rss-opencc | rss-mercury | rss-mercury | > mercury-parser-api@1.0.0 start /app rss-mercury | > node index.js rss-mercury | rss-mercury | 🚀Mercury Parser API listens on port 3000 rss | Operation timed out rss | Operation timed out rss | Operation timed out rss | Operation timed out rss | Operation timed out rss exited with code 0
其他 待添加...
Bug 描述
在使用 Docker Compose 配合 Traefik Server 搭建 Tiny RSS 时出现 Operation timed out.
部署方法
部署环境
复现步骤
networks: default: name: traefik-proxy external: true
services: traefik: image: traefik:v2.9 container_name: traefik-proxy restart: unless-stopped ports:
监听 Docker Event
储存 Let's Encrypts 的凭证内容,注意档案存取权限必须是 600 (sudo chmod 600 ./acme.json)
./acme.json:/acme.json:rw
command:
設定參考 https://doc.traefik.io/traefik/reference/static-configuration/cli/
基础设定
启用 Dashboard
启用 debug 模式
禁用 SSL 证书验证
--serversTransport.insecureSkipVerify=true
设定 Logs
Common Log
Access Log
--accesslog=true
设定 EntryPoints
http 使用
https 使用
--entryPoints.websecure.address=:443
设定 Providers
Docker Provider
{{ trimPrefix "/" .Name }}.funcc.cc)File Provider
--providers.file.directory=/etc/traefik/dynamic/
设定 Let's Encrypts
--certificatesresolvers.cloudflare.acme.tlschallenge=true
labels:
"traefik.docker.network=traefik-proxy"
设定 Middlewares
重新导向至 https
"traefik.http.middlewares.redirect-to-https.redirectscheme.scheme=https"
设定 Router
web 路由设定
traefik.funcc.cc)""traefik.http.routers.traefik-dashboard-web.entrypoints=web"
http redirect to https
"traefik.http.routers.traefik-dashboard-web.middlewares=redirect-to-https"
web secure 路由设定
traefik.funcc.cc)""traefik.http.routers.traefik-dashboard.tls.certresolver=cloudflare"
设定 router 对应 traefik internal service
networks: default: name: traefik-proxy external: true
services:
Mercury 全文抓取
rss-mercury: image: wangqiru/mercury-parser-api:latest container_name: rss-mercury restart: always
OpenCC 简体、繁体中文转换
rss-opencc: image: wangqiru/opencc-api-server:latest container_name: rss-opencc environment:
NODE_ENV=production restart: always
PostgreSQL 数据库
rss-postgres: image: postgres:13-alpine container_name: rss-postgres restart: always environment:
./rss_data/postgresql_data:/var/lib/postgresql/data
Tiny Tiny RSS 本体
rss: image: wangqiru/ttrss:latest stdin_open: true restart: always container_name: rss tty: true environment:
"traefik.enable=true"
HTTP 自动跳转到 HTTPS
rss.funcc.cc)""traefik.http.routers.rss.middlewares=redirect-to-https"
HTTPS 设定
rss.funcc.cc)""traefik.http.routers.rss-web.service=rss-backend"
监听容器内 HTTP 80 端口
你谷歌/百度了吗?
我参考了以下内容尝试解决这个问题:
防火墙问题
114 #313 #226 #62 根据这些 issues,我尝试添加了如以下内容:
预期结果
Docker 中的 Tiny Tiny RSS 本体经过 Traefik Server 后可正常访问 rss.funcc.cc
错误日志
其他 待添加...