Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

perfect 'docker-compose.yml' file #78

Closed
threerog opened this issue Apr 7, 2023 · 16 comments
Closed

perfect 'docker-compose.yml' file #78

threerog opened this issue Apr 7, 2023 · 16 comments
Labels
question Further information is requested

Comments

@threerog
Copy link

threerog commented Apr 7, 2023
edited

https://github.com/iFargle/headscale-webui/blob/main/docker-compose.yml

Incomplete document information
Incomplete parameter information
HS_ SERVER is https://www.example.com Unable to work at time
But I opened it https://www.example.com/swagger Normal access
and opened it https://www.example.com/health Normal access

Also, is the internal port of webui fixed at 5000?
@threerog threerog changed the title perfect ’ perfect 'docker-compose.yml' file Apr 7, 2023
@threerog
Copy link
Author

threerog commented Apr 7, 2023 

[2023-04-07 16:06:56 +0900] [1] [INFO] Starting gunicorn 20.1.0
[2023-04-07 16:06:56 +0900] [1] [INFO] Listening at: http://0.0.0.0:5000 (1)
[2023-04-07 16:06:56 +0900] [1] [INFO] Using worker: sync
[2023-04-07 16:06:56 +0900] [7] [INFO] Booting worker with pid: 7
[2023-04-07 16:06:56,853] INFO in server: Headscale-WebUI Version:  v0.6.1 / main
[2023-04-07 16:06:56,853] INFO in server: LOG LEVEL SET TO INFO
[2023-04-07 16:06:56,853] INFO in server: DEBUG STATE:  False
[2023-04-07 16:07:01,315] ERROR in app: Exception on / [GET]
Traceback (most recent call last):
  File "/app/.venv/lib/python3.11/site-packages/urllib3/connectionpool.py", line 703, in urlopen
    httplib_response = self._make_request(
                       ^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.11/site-packages/urllib3/connectionpool.py", line 449, in _make_request
    six.raise_from(e, None)
  File "", line 3, in raise_from
  File "/app/.venv/lib/python3.11/site-packages/urllib3/connectionpool.py", line 444, in _make_request
    httplib_response = conn.getresponse()
                       ^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/http/client.py", line 1374, in getresponse
    response.begin()
  File "/usr/local/lib/python3.11/http/client.py", line 318, in begin
    version, status, reason = self._read_status()
                              ^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/http/client.py", line 287, in _read_status
    raise RemoteDisconnected("Remote end closed connection without"
http.client.RemoteDisconnected: Remote end closed connection without response

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/app/.venv/lib/python3.11/site-packages/requests/adapters.py", line 489, in send
    resp = conn.urlopen(
           ^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.11/site-packages/urllib3/connectionpool.py", line 787, in urlopen
    retries = retries.increment(
              ^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.11/site-packages/urllib3/util/retry.py", line 550, in increment
    raise six.reraise(type(error), error, _stacktrace)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.11/site-packages/urllib3/packages/six.py", line 769, in reraise
    raise value.with_traceback(tb)
  File "/app/.venv/lib/python3.11/site-packages/urllib3/connectionpool.py", line 703, in urlopen
    httplib_response = self._make_request(
                       ^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.11/site-packages/urllib3/connectionpool.py", line 449, in _make_request
    six.raise_from(e, None)
  File "", line 3, in raise_from
  File "/app/.venv/lib/python3.11/site-packages/urllib3/connectionpool.py", line 444, in _make_request
    httplib_response = conn.getresponse()
                       ^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/http/client.py", line 1374, in getresponse
    response.begin()
  File "/usr/local/lib/python3.11/http/client.py", line 318, in begin
    version, status, reason = self._read_status()
                              ^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/http/client.py", line 287, in _read_status
    raise RemoteDisconnected("Remote end closed connection without"
urllib3.exceptions.ProtocolError: ('Connection aborted.', RemoteDisconnected('Remote end closed connection without response'))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/app/.venv/lib/python3.11/site-packages/flask/app.py", line 2528, in wsgi_app
    response = self.full_dispatch_request()
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.11/site-packages/flask/app.py", line 1825, in full_dispatch_request
    rv = self.handle_user_exception(e)
         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.11/site-packages/flask/app.py", line 1823, in full_dispatch_request
    rv = self.dispatch_request()
         ^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.11/site-packages/flask/app.py", line 1799, in dispatch_request
    return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/server.py", line 129, in decorated
    return view_func(*args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/server.py", line 141, in overview_page
    pass_checks = str(helper.load_checks())
                      ^^^^^^^^^^^^^^^^^^^^
  File "/app/helper.py", line 298, in load_checks
    if access_checks() != "Pass": return 'error_page'
       ^^^^^^^^^^^^^^^
  File "/app/helper.py", line 172, in access_checks
    response = requests.get(str(url)+"/health")
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.11/site-packages/requests/api.py", line 73, in get
    return request("get", url, params=params, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.11/site-packages/requests/api.py", line 59, in request
    return session.request(method=method, url=url, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.11/site-packages/requests/sessions.py", line 587, in request
    resp = self.send(prep, **send_kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.11/site-packages/requests/sessions.py", line 701, in send
    r = adapter.send(request, **kwargs)
        ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/app/.venv/lib/python3.11/site-packages/requests/adapters.py", line 547, in send
    raise ConnectionError(err, request=request)
requests.exceptions.ConnectionError: ('Connection aborted.', RemoteDisconnected('Remote end closed connection without response'))

@iFargle
Copy link
Owner

iFargle commented Apr 7, 2023

Can you post your docker-compose.yml?

Also yes, internal is port 5000

@threerog
Copy link
Author

threerog commented Apr 7, 2023

Can you post your docker-compose.yml?

Also yes, internal is port 5000

version: "3"
services:
  headscale-webui:
    container_name: headscale-webui
    image: ghcr.io/ifargle/headscale-webui:latest
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    ports:
      - '5000:5000'
    environment:
      - TZ=Asia/Tokyo
      - COLOR=red
      - HS_SERVER=https://www.example.com
      - DOMAIN_NAME=https://www.example.com:5000
      - SCRIPT_NAME=/admin
      - KEY="PSDSzZAXi0UTtod8oQEO/13u8EK0oR+PjB+h2+XUtWI="
      - LOG_LEVEL=info
    volumes:
      - /etc/headscale/webui:/data:rw     
      - /etc/headscale:/etc/headscale:ro

@iFargle
Copy link
Owner

iFargle commented Apr 8, 2023

Are you accessing on https://www.example.com:5000/admin or https://www.example.com:5000?

@iFargle
Copy link
Owner

iFargle commented Apr 8, 2023

You may just need to remove :5000 from the DOMAIN_NAME variable and remove your SCRIPT_NAME variable entirely.

@iFargle iFargle added the question Further information is requested label Apr 8, 2023
@threerog
Copy link
Author

threerog commented Apr 8, 2023

You may just need to remove :5000 from the DOMAIN_NAME variable and remove your SCRIPT_NAME variable entirely.

I understand what you mean. In actual testing, I used the complete path

@threerog
Copy link
Author

threerog commented Apr 8, 2023
edited

My headscale has enabled the HTTPS+443 port internally and is configured with a TLS certificate
Then go to the external port 8080 of the headscale container through nginx reverse proxy
Determine through testing that headscale is running normally

docker run \
  --name headscale \
  --detach \
  --volume /etc/headscale/:/etc/headscale/ \
  --publish 8080:8080\
  --publish 9090:9090 \
  --publish 50443:50443 \
  --publish 3478:3478 \
  headscale/headscale:latest \
  headscale serve

headscale-config.yaml

server_url: https://www.example.com:443
listen_addr: 0.0.0.0:8080
metrics_listen_addr: 127.0.0.1:9090
grpc_listen_addr: 0.0.0.0:50443

@threerog
Copy link
Author

threerog commented Apr 8, 2023
edited

Are you accessing on https://www.example.com:5000/admin or https://www.example.com:5000?

I visited before https://www.example.com:5000/admin
but
I have now deleted SCRIPT_ NAME content, direct access https://www.example.com:5000
and direct access http://server_ip:5000
It's still the same mistake as before

@iFargle
Copy link
Owner

iFargle commented Apr 8, 2023 via email

@iFargle
Copy link
Owner

iFargle commented Apr 8, 2023

Hm, no I see it's erroring on getting the healthcheck from Headscale...
https://example.com/health is reachable from inside your Docker environment, yes?
Maybe set your HS_SERVER to the IP inside your Docker network?

@threerog
Copy link
Author

I seem to have found the problem, suspected to be caused by curl's HTTP/2 problem
https://www.example.com/health Can access curl successfully on other computers
But the same server deployed on Headscale cannot be accessed
I always said before https://www.example.com/health It can be accessed normally, accessed on my local work computer, not tested locally on the server.

Is the underlying layer of headscale-webui based on curl?

root@VM-12-16-ubuntu:~# curl https://www.example.com/health
curl: (92) HTTP/2 stream 0 was not closed cleanly: PROTOCOL_ERROR (err 1)

This is an article sent to me by a colleague
https://blog.balasundar.com/curl-92-http2-stream-0-was-not-closed-cleanly-protocolerror-err-1

@threerog
Copy link
Author

After I discovered that it was suspected to be related to curl, I attempted to upgrade the curl software package but still failed.
I have followed the previously mentioned configuration information and deployment instructions once on another new server, and it can be deployed normally. The UI is normal, and curl can also pass the test.

But I tested the /health interface of the new server using curl from the old server and still returned curl: (92) HTTP/2 stream 0 was not closed clean: PROTOCOL'_ ERROR (err 1)

@iFargle
Copy link
Owner

iFargle commented Apr 10, 2023

This I am clueless on. I just use the plain ol' Python requests library for all the HTTP requests

@iFargle
Copy link
Owner

iFargle commented Apr 10, 2023

Which I guess is HTTP/1.1?

@threerog
Copy link
Author

I am also at a loss. My new server synchronizes according to the same configuration and image of the old server, but in the end, one server succeeds while the other fails.
I am also contacting server provider technical support

@threerog
Copy link
Author

I'm sorry, it's not an issue with headscale-webui
It's because the IP address of that server triggered firewall restrictions

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@threerog @iFargle