search

talkincode / toughradius

toughradius provides radius server, tr069 acs
http://www.toughradius.net
GNU General Public License v3.0
560 stars 273 forks source link

Golang版本的docker-compose.yml在哪里? #163

Open charlescui opened 7 months ago

charlescui commented 7 months ago

需要Golang版本的docker-compose.yml。

搜索整个工程,关键词是docker-compose,会发现有很多结果。 这些结果中:

  1. 数据库有好多类型,有mysql 有pg;
  2. toughradius镜像来源也有不同出处;
  3. 都没有docker-compose up成功,主要看到的错误是TOUGHRADIUS_DB_HOST等数据库配置不起作用,docker-compose中是pg数据库,但java日志看到,好像硬编码了,或者没有暴露出来完整的数据库环境变量配置,或者toughradius镜像的版本乱了(不应该指定latest,无法确定开发者当天拉下来的是java版本还是golang版本,我今天pull下来的是java版本)

请作者提供下golang版本的docker-compose,不要指定docker镜像的tag是latest,手动设定一个版本。

感谢!

charlescui commented 7 months ago

我的docker-compose.yml

version: "3"
services:
  pgdb:
    image: timescale/timescaledb:latest-pg14
    container_name: "pgdb"
    ports:
      - "127.0.0.1:5432:5432"
    environment:
      POSTGRES_DB: toughradius
      POSTGRES_USER: toughradius
      POSTGRES_PASSWORD: toughradius
    volumes:
      - pgdb-volume:/var/lib/postgresql/data
    networks:
      toughradius_network:

  toughradius:
    depends_on:
      - 'pgdb'
    image: talkincode/toughradius:latest
    container_name: "toughradius"
    restart: always
    ports:
      - "1816:1816"
      - "1818:1818"
      - "1819:1819"
      - "2083:2083"
      - "1812:1812/udp"
      - "1813:1813/udp"
      - "1914:1914/udp"
    volumes:
      - toughradius-volume:/var/toughradius
    environment:
      - GODEBUG=x509ignoreCN=0
      - TOUGHRADIUS_SYSTEM_DEBUG=off
      - TOUGHRADIUS_DB_HOST=pgdb
      - TOUGHRADIUS_DB_NAME=toughradius
      - TOUGHRADIUS_DB_USER=toughradius
      - TOUGHRADIUS_DB_PWD=toughradius
      - TOUGHRADIUS_RADIUS_DEBUG=off
      - TOUGHRADIUS_RADIUS_ENABLED=on
      - TOUGHRADIUS_TR069_WEB_TLS=on
      - TOUGHRADIUS_LOKI_ENABLE=false
      - TOUGHRADIUS_LOGGER_MODE=production
      - TOUGHRADIUS_LOGGER_FILE_ENABLE=true
    networks:
      toughradius_network:

networks:
  toughradius_network:

volumes:
  pgdb-volume:
  toughradius-volume:
toughradius  | 2024-01-24 12:50:30.009 ERROR 1 --- [eate-1740223770] com.alibaba.druid.pool.DruidDataSource   : create connection SQLException, url: jdbc:mysql://127.0.0.1:3306/toughradius?serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=utf-8&allowMultiQueries=true, errorCode 0, state 08S01
toughradius  | 
toughradius  | com.mysql.cj.jdbc.exceptions.CommunicationsException: Communications link failure
toughradius  | 
toughradius  | The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.
toughradius  |  at com.mysql.cj.jdbc.exceptions.SQLError.createCommunicationsException(SQLError.java:174)
toughradius  |  at com.mysql.cj.jdbc.exceptions.SQLExceptionsMapping.translateException(SQLExceptionsMapping.java:64)
toughradius  |  at com.mysql.cj.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:835)
toughradius  |  at com.mysql.cj.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:455)
toughradius  |  at com.mysql.cj.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:240)
toughradius  |  at com.mysql.cj.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:207)
toughradius  |  at com.alibaba.druid.pool.DruidAbstractDataSource.createPhysicalConnection(DruidAbstractDataSource.java:1513)
toughradius  |  at com.alibaba.druid.pool.DruidAbstractDataSource.createPhysicalConnection(DruidAbstractDataSource.java:1578)
toughradius  |  at com.alibaba.druid.pool.DruidDataSource$CreateConnectionThread.run(DruidDataSource.java:2466)
toughradius  | Caused by: com.mysql.cj.exceptions.CJCommunicationsException: Communications link failure
toughradius  | 
toughradius  | The last packet sent successfully to the server was 0 milliseconds ago. The driver has not received any packets from the server.
toughradius  |  at sun.reflect.GeneratedConstructorAccessor64.newInstance(Unknown Source)
toughradius  |  at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
toughradius  |  at java.lang.reflect.Constructor.newInstance(Constructor.java:423)
toughradius  |  at com.mysql.cj.exceptions.ExceptionFactory.createException(ExceptionFactory.java:61)
toughradius  |  at com.mysql.cj.exceptions.ExceptionFactory.createException(ExceptionFactory.java:105)
toughradius  |  at com.mysql.cj.exceptions.ExceptionFactory.createException(ExceptionFactory.java:151)
toughradius  |  at com.mysql.cj.exceptions.ExceptionFactory.createCommunicationsException(ExceptionFactory.java:167)
toughradius  |  at com.mysql.cj.protocol.a.NativeSocketConnection.connect(NativeSocketConnection.java:91)
toughradius  |  at com.mysql.cj.NativeSession.connect(NativeSession.java:152)
toughradius  |  at com.mysql.cj.jdbc.ConnectionImpl.connectOneTryOnly(ConnectionImpl.java:955)
toughradius  |  at com.mysql.cj.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:825)
toughradius  |  ... 6 common frames omitted
toughradius  | Caused by: java.net.ConnectException: Connection refused (Connection refused)
toughradius  |  at java.net.PlainSocketImpl.socketConnect(Native Method)
toughradius  |  at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
toughradius  |  at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
toughradius  |  at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
toughradius  |  at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
toughradius  |  at java.net.Socket.connect(Socket.java:607)
toughradius  |  at com.mysql.cj.protocol.StandardSocketFactory.connect(StandardSocketFactory.java:155)
toughradius  |  at com.mysql.cj.protocol.a.NativeSocketConnection.connect(NativeSocketConnection.java:65)
toughradius  |  ... 9 common frames omitted
toughradius  | 
^CGracefully stopping... (press Ctrl+C again to force)
charlescui commented 7 months ago

请看看问题 @jamiesun

charlescui commented 7 months ago

上面这个问题是我拉取的镜像不对,我是macbookpro m1pro的处理器,需要arm平台镜像,但是默认docker-compose中没有指定镜像的CPU架构,而且docker hub上只有amd64架构的镜像。所以没有pull到最新的镜像。

charlescui commented 7 months ago

pull下来最新的golang代码的镜像后,docker-compose up依然报错,错误是webserver/server.go里面找不到证书:

        log.Infof("Prepare to start the TLS management port %s:%d", appconfig.Web.Host, appconfig.Web.TlsPort)
        err := s.root.StartTLS(fmt.Sprintf("%s:%d", appconfig.Web.Host, appconfig.Web.TlsPort),
            path.Join(appconfig.GetPrivateDir(), "toughradius.tls.crt"), path.Join(appconfig.GetPrivateDir(), "toughradius.tls.key"))
        if err != nil {
            log.Errorf("Error starting TLS management port %s", err.Error())
        }

经过分析,镜像中没有提供此证书,docker-compose也没有提供此证书或者目录的挂在案例,但是在makefile中,可以使用make clicrt生成crt和key证书,

clicrt:
    # 1 生成client私钥
    openssl genrsa -out assets/client.key 2048
    # 2 生成client请求文件
    openssl req -new -key assets/client.key -subj "/CN=*.toughstruct.net" -out assets/client.csr
    # 3 生成client证书
    openssl x509 -req -in assets/client.csr -CA assets/ca.crt -CAkey assets/ca.key -CAcreateserial -out assets/client.crt -days 7300
    mv assets/client.key assets/toughradius.tls.key
    mv assets/client.crt assets/toughradius.tls.crt

然后改名后,再copy到容器内

docker cp assets/client.tls.key toughradius:/var/toughradius/private/toughradius.tls.key
docker cp assets/client.tls.crt toughradius:/var/toughradius/private/toughradius.tls.crt

重新启动docker-compose,可以登录了。

@jamiesun

jamiesun commented 7 months ago

如果使用反向代理实现 https 的话, docker 容器的证书配置不是必须的。

后面会继续完善自动发布机制, 标签会自动发布为标签版本的镜像。

arm 版本镜像也会自动发布

jamiesun commented 7 months ago

目前 ARM 版本已经实现自动发布

image