search

allinurl / goaccess

GoAccess is a real-time web log analyzer and interactive viewer that runs in a terminal in *nix systems or through your browser.
https://goaccess.io
MIT License
18.16k stars 1.1k forks source link

Docker Deployment and WebSocket Questions for Beginners #2708

Open manjieqi opened 2 weeks ago

manjieqi commented 2 weeks ago

GoAccess is very beautiful, thank you to the contributors for their efforts, but I encountered some problems during deployment, although I have consulted a lot of materials, but due to my limited level, I still feel confused, if you can answer, I would be very grateful.

It can currently be accessed via https://goaccess.xxxxx.com:8443/, but there are still some issues.

image

First, I noticed that the browser was constantly requesting ws, but it seemed to have failed.

image

Next, I'm confused about this port 7890, can it be accessed directly through the IP:7890 range? But my browser seems unable to open it.

Additionally, I configured real-time-html to true, but it doesn't seem to be updating automatically.

Here is my deployed configuration file:

/home/ubuntu/goaccess/compose.yml

services:
  goaccess:
    image: allinurl/goaccess
    container_name: goaccess
    ports:
      - 0.0.0.0:7890:7890
    volumes:
      - ./config:/srv/config
      - /home/ubuntu/nginx/html/goaccess:/srv/report
      - /home/ubuntu/nginx/logs:/srv/logs
    command: ["--no-global-config", "--config-file=/srv/config/goaccess.conf", -e TZ="Asia/Shanghai"]
    restart: unless-stopped
    networks:
      - nginx

networks:
  nginx:
    external: true

/home/ubuntu/goaccess/config/goaccess.conf

time-format %H:%M:%S
date-format %Y-%m-%d
log-format COMBINED
log-file /srv/logs/access.log
output /srv/report/index.html
#ws-url goaccess.xxxxx.com:8443
real-time-html true

/home/ubuntu/nginx/compose.yml

services:
  nginx:
    image: nginx:1.26
    container_name: nginx
    ports:
      - 0.0.0.0:8080:80
      - 0.0.0.0:8443:443
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf
      - ./conf.d:/etc/nginx/conf.d
      - ./certs:/etc/nginx/certs
      - ./html:/usr/share/nginx/html
      - ./logs:/var/log/nginx
    restart: unless-stopped
    networks:
      - nginx

networks:
  nginx:
    external: true

/home/ubuntu/nginx/conf.d/goaccess.conf

# HTTPS 服务器配置
server {
    listen 443 ssl;
    server_name goaccess.xxxxx.com;

    ssl_certificate /etc/nginx/certs/xxxxx.com.crt;
    ssl_certificate_key /etc/nginx/certs/xxxxx.com.key;

    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:10m;
    ssl_session_tickets off;
    ssl_protocols TLSv1.3;

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    add_header X-Content-Type-Options nosniff;
    add_header X-Frame-Options DENY;
    add_header X-XSS-Protection "1; mode=block";

    # 代理配置 
    location / {

        root /usr/share/nginx/html/goaccess;
        index index.html;

        # proxy_pass http://goaccess:7890;
        # proxy_set_header Host $host;
        # proxy_set_header X-Real-IP $remote_addr;
        # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        # proxy_set_header X-Forwarded-Proto $scheme;
    }
}
manjieqi commented 2 weeks ago

It seems like the issue has been resolved through AI, but there are two problems. When accessing through a browser, it first loads the old static files and then updates to the latest files, is this not due to my configuration error? Additionally, the Docker image seems to automatically generate anonymous volumes, which are not being used. If there's anything that needs improvement in my configuration, please let me know.

/home/ubuntu/goaccess/compose.yml

services:
  goaccess:
    image: allinurl/goaccess
    container_name: goaccess
    ports:
      - 0.0.0.0:7890:7890
    volumes:
      - ./config:/srv/config
      - /home/ubuntu/nginx/logs:/srv/logs
      - /home/ubuntu/nginx/certs:/srv/certs
      - /home/ubuntu/nginx/html/goaccess:/srv/report
    command: ["--no-global-config", "--config-file=/srv/config/goaccess.conf"]
    restart: unless-stopped
    networks:
      - nginx

networks:
  nginx:
    external: true

/home/ubuntu/goaccess/config/goaccess.conf

tz Asia/Shanghai
time-format %H:%M:%S
date-format %Y-%m-%d
log-format COMBINED
log-file /srv/logs/access.log
output /srv/report/index.html
real-time-html true
ws-url wss://goaccess.xxxxx.com:7890
ssl-cert /srv/certs/xxxxx.com.crt
ssl-key /srv/certs/xxxxx.com.key

/home/ubuntu/nginx/compose.yml

services:
  nginx:
    image: nginx:1.26
    container_name: nginx
    ports:
      - 0.0.0.0:8080:8080
      - 0.0.0.0:8443:8443
    volumes:
      - ./nginx.conf:/etc/nginx/nginx.conf
      - ./conf.d:/etc/nginx/conf.d
      - ./certs:/etc/nginx/certs
      - ./html:/usr/share/nginx/html
      - ./logs:/var/log/nginx
    restart: unless-stopped
    networks:
      - nginx

networks:
  nginx:
    external: true

/home/ubuntu/nginx/conf.d/goaccess.conf

# HTTPS 服务器配置
server {
    listen 8443 ssl;
    server_name goaccess.xxxxx.com;

    ssl_certificate /etc/nginx/certs/xxxxx.com.crt;
    ssl_certificate_key /etc/nginx/certs/xxxxx.com.key;

    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:10m;
    ssl_session_tickets off;
    ssl_protocols TLSv1.3;

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
    add_header X-Content-Type-Options nosniff;
    add_header X-Frame-Options DENY;
    add_header X-XSS-Protection "1; mode=block";

    # 代理配置 
    location / {
        root /usr/share/nginx/html/goaccess;
        index index.html;
    }

    location /ws {
        proxy_pass http://goaccess:7890;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
    }
}
allinurl commented 2 weeks ago

I'm glad to hear you resolved the original issue. When it comes to loading the report, it's normal for GoAccess to bootstrap the initial data during the process.

Honestly, unless I'm missing something, I don’t see anything in the yaml or nginx config that would cause unused anonymous volumes to be created automatically. The volumes seem to be explicitly defined and mapped to specific paths on both the host and the containers.

Maybe it's something outside the config? Check what docker volume ls and docker inspect <container_id> show, and make sure to look at the path ids too.

Let me know if that helps.

manjieqi commented 2 weeks ago 
$ docker inspect goaccess
{
    "Type": "volume",
    "Name": "218de37f2ea6788172d825361a548a7a0ffaa5acd2ddae2767714349a21011b6",
    "Source": "/var/lib/docker/volumes/218de37f2ea6788172d825361a548a7a0ffaa5acd2ddae2767714349a21011b6/_data",
    "Destination": "/var/www/goaccess",
    "Driver": "local",
    "Mode": "",
    "RW": true,
    "Propagation": ""
}

I saw the Dockerfile in the root directory of the repository defining this volume, which should be the origin of the anonymous volume. I didn't mount the file in this directory because the documentation didn't mention it. thx.

allinurl commented 2 weeks ago

Thanks for sharing that. You are right, since there's nothing explicitly mounted to that directory when running the container, Docker creates an anonymous volume automatically. The VOLUME /var/www/goaccess line in the Dockerfile creates this anonymous volume.