Cant see plugin, user and project lists in rundeck - docker-compose

Hey guys im just installed rundeck 3.4.9 via docker-compose and after it i cant see the list of installed plugins, the page is refreshing endlessly - same with project list and with user list.
Here is my docker-compose file:
version: '3'
services:
rundeck:
image: rundeck/rundeck:3.4.9
tty: true
volumes:
- data:/home/rundeck/server/data
ports:
- 4440:4440
volumes:
data:
here is what i see in browser:
here what i see in docker-compose logs:
so no errors here, how can i fix this issue ?

In your docker-compose definition add the RUNDECK_GRAILS_URL with the proxy-defined URL for your Rundeck instance and RUNDECK_SERVER_FORWARDED with a true value.
I made a basic example using NGINX as a reverse proxy.
version: "3"
services:
rundeck:
image: rundeck/rundeck:3.4.9
ports:
- 4440:4440
environment:
RUNDECK_GRAILS_URL: http://your_proxy_exit_url_for_rundeck
RUNDECK_SERVER_FORWARDED: "true"
nginx:
image: nginx:alpine
volumes:
- ./config/nginx.conf:/etc/nginx/conf.d/default.conf:ro
ports:
- 80:80
(NGINX conf file referenced on the volumes section):
server {
listen 80 default_server;
server_name rundeck-cl;
# default rundeck location is the root
location / {
# took from default rundeck conf
proxy_pass http://rundeck:4440;
}
}
Take a look at this.

Related

Nest Js Api has been blocked by CORS policy Next JS Frontend which is running by Docker

I am using the following techs for my project
Backend / API : Nest JS ( Running on port localhost:3001 )
Frontend: Next JS ( Running on port localhost:3000 )
Database: MongoDB
Reverse Proxy Server: Nginx
and Docker
When I am using "docker-compose up -d" the Backend is running properly as well as all the API URLs are working fine by this " localhost:3001 "
Also, in the Frontend, the site is loading properly and also all the API data is showing. But, an error is showing in the console and popup like this screenshot
Error Image 1: click here Error Image 2: click here
Error in text:
In popup:
Unhandled Runtime Error
Error: Network Error
Call Stack
createError
node_modules/axios/lib/core/createError.js (16:0)
XMLHttpRequest.handleError
/_next/static/development/pages/Index.js (16144:14)
In Console:
Access to XMLHttpRequest at 'http://dev:3001/news?page=1&limit=3' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I have called the API from the frontend as "http://dev:3001" as I am loading it from docker image and the service name is dev.
Here is the docker-compose file:
version: "3.9"
services:
dev:
container_name: nest-backend
image: nest-backend:1.0.0
build:
context: ./backend
target: development
dockerfile: ./Dockerfile
expose:
- 3001
ports:
- "3001:3001"
links:
- mongo
volumes:
- ./backend:/backend/app
- /backend/app/node_modules
restart: unless-stopped
command: npm run start:dev
networks:
- app-network
app:
image: bjithp-next
build: frontend
expose:
- 3000
ports:
- 3000:3000
depends_on:
- dev
volumes:
- ./frontend:/app
- /app/node_modules
- /app/.next
networks:
- app-network
mongo:
image: mongo
# environment:
# - MONGO_INITDB_ROOT_USERNAME=root
# - MONGO_INITDB_ROOT_PASSWORD=1234
ports:
- "27037:27017"
volumes:
- mongodb_data_container:/data/db
networks:
- app-network
nginx:
build:
context: ./nginx
dockerfile: Dockerfile
ports:
- "80:80"
restart: always
depends_on:
- app
- dev
volumes:
- ./nginx/default.conf:/etc/nginx/conf.d/default.conf
networks:
- app-network
volumes:
mongodb_data_container:
mongodb-data:
name: mongodb-data
networks:
app-network:
driver: bridge
I have also used nginx for reverse proxy. Here is the nginx default.conf file:
// nginx.conf
upstream dev {
servdever dev:3001;
}
upstream client {
server app:3000;
}
server {
listen 80;
server_name localhost:3000;
access_log /path/to/access/log/access.log;
error_log /path/to/error/log/error.log;
location / {
proxy_pass http://app;
}
location ~ /dev/(?<section>.*) {
rewrite ^/dev/(.*)$ /$1 break;
proxy_pass http://dev;
}
}
And also in the frontend, I have used .env, which is this:
DEFAULT_PORT=3000
BASE_API_URL=http://dev:3001
NODE_ENV=development
HOST=http://localhost
PRODUCTION_IMAGE_PORT=443
BASE_IMAGE_URL=http://localhost:3001
HIRE_US_PAGE=http://103.197.206.56:3000
BLOG_SHARE_URL_HOST=http://bjitgroup.com
Please suggest me a solution. My site is working fine with that annoying network-error problem.

Traefik with multiple docker-compose.yml files

Hello traefik friends.
I just started to look into traefik. All tutorials show how to run one docker-compose.yml file with traefik togather with other containers. I most often have many separate docker-compose.yml files and very much would like to use them with traefik.
so here is my code for traefik container:
version: "3.3"
services:
traefik:
image: "traefik:v2.5"
container_name: "traefik"
command:
#- "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.websecure.address=:443"
- "--certificatesresolvers.myresolver.acme.tlschallenge=true"
#- "--certificatesresolvers.myresolver.acme.caserver=https://acme-staging-v02.api.letsencrypt.org/directory"
- "--certificatesresolvers.myresolver.acme.email=xxxxxxxxx#gmail.com"
- "--certificatesresolvers.myresolver.acme.storage=/letsencrypt/acme.json"
ports:
- "443:443"
- "8080:8080"
networks:
- "traefik"
- "external"
volumes:
- "./letsencrypt:/letsencrypt"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
and the other exemplary docker-compose I would like to use with traefik:
version: '3.1'
services:
php:
image: php:7.4-apache
ports:
- 8081:80
volumes:
- ./php/www:/var/www/html/
labels:
- "traefik.enable=true"
- "traefik.http.routers.php.rule=host(`php.xxxxxx.com`)"
- "traefik.http.routers.php.entrypoints=websecure"
- "traefik.http.routers.php.tls.certresolver=myresolver"
unfortunately that doesnt seem to work (when I concat theese to files into one big docker-compose.yml file - it works fine. Could you point me in the right direction?
Traefik needs to be part of the networks for all the services it connects to. For me it works when I set network: host for Traefik. (And then you have to remove ports part.)
I do wonder how safe that is, I can't seem to access the admin interface from another machine, so that's good.
Each docker-compose.yml by default create its own network. So traefik from the traefik network can't access PHP server from some other "php-default" network.
see Compose Networking docs
We have to add the PHP server to the traefik network:
php/docker-compose.yml:
services:
php:
image: php:7.4-apache
# we need to tell the traefik what port is the container listening to
expose:
- 80
volumes:
- ./php/www:/var/www/html/
labels:
- "traefik.enable=true"
- "traefik.http.routers.php.rule=host(`php.xxxxxx.com`)"
- "traefik.http.routers.php.entrypoints=websecure"
- "traefik.http.routers.php.tls.certresolver=myresolver"
networks:
default:
name: traefik
external: true
OR if you want to have other networks
services:
php:
...
networks:
- traefik
...
networks:
traefik:
external: true
Note there is not defined port property, instead there is expose. The port exposes ports on the host, the expose act as mere documentation (see this Q) but the traefik read it.
And because of that, I think that in your traefik/docker-compose.yml the external network is unnecessary.

Basic auth not working in my second docker-compose file for my web app

So I have 2 configurations, the first docker-compose configuration sets up traefik and it has basic auth middleware set up properly and working
But the second I set up basic auth properly and the website runs very well on https and all but the basic authentication doesn't work
Below is the docker-compose file for my website
version: '3.7'
networks:
traefik-proxy:
external: true
internal:
external: false
services:
web:
container_name: web
build: .
image: ibl-docs
command: yarn run serve --build --port ${PORT} --host 0.0.0.0
volumes:
- .:/code
- '/code/node_modules'
environment:
- CHOKIDAR_USEPOLLING=true
expose:
- ${PORT}
networks:
- traefik-proxy
- internal
labels:
- "traefik.enable=true"
- "traefik.docker.network=traefik-proxy"
## HTTP
- "traefik.http.routers.${TRAEFIK_MANAGER_ID}.entrypoints=web"
- "traefik.http.routers.${TRAEFIK_MANAGER_ID}.rule=Host(`${HOST}`)"
- "traefik.http.routers.${TRAEFIK_MANAGER_ID}.service=${TRAEFIK_MANAGER_ID}-secure"
- "traefik.http.services.${TRAEFIK_MANAGER_ID}.loadbalancer.server.port=${PORT}"
# Redirect
- "traefik.http.middlewares.https-redirect.redirectscheme.scheme=https"
- "traefik.http.routers.${TRAEFIK_MANAGER_ID}.middlewares=https-redirect"
## HTTPS
- "traefik.http.routers.${TRAEFIK_MANAGER_ID}-secure.entrypoints=websecure"
- "traefik.http.routers.${TRAEFIK_MANAGER_ID}-secure.rule=Host(`${HOST}`)"
- "traefik.http.routers.${TRAEFIK_MANAGER_ID}-secure.tls=${HTTPS_ROUTER_TLS_MODE}"
- "traefik.http.routers.${TRAEFIK_MANAGER_ID}-secure.tls.certresolver=default"
- "traefik.http.routers.${TRAEFIK_MANAGER_ID}-secure.service=${TRAEFIK_MANAGER_ID}-secure"
- "traefik.http.services.${TRAEFIK_MANAGER_ID}-secure.loadbalancer.server.port=${PORT}"
## Admin
- "traefik.http.routers.${TRAEFIK_MANAGER_ID}-admin.rule=Host(`${HOST}`) && PathPrefix(`/admin`)"
- "traefik.http.routers.${TRAEFIK_MANAGER_ID}-admin.entrypoints=websecure"
- "traefik.http.routers.${TRAEFIK_MANAGER_ID}-admin.middlewares=${TRAEFIK_MANAGER_ID}-auth"
- "traefik.http.routers.${TRAEFIK_MANAGER_ID}-admin.tls=${HTTPS_ROUTER_TLS_MODE}"
- "traefik.http.routers.${TRAEFIK_MANAGER_ID}-admin.tls.certresolver=default"
- "traefik.http.routers.${TRAEFIK_MANAGER_ID}-admin.service=${TRAEFIK_MANAGER_ID}-admin"
- "traefik.http.services.${TRAEFIK_MANAGER_ID}-admin.loadbalancer.server.port=${PORT}"
- "traefik.http.middlewares.${TRAEFIK_MANAGER_ID}-auth.basicauth.users=${BASIC_AUTH_USERS}"
the variable BASIC_AUTH_USERS is set in the .env file as username:sdksjdlakjsdlaslkda
and the credentials are being generated from .httpaccess
The docker-compose logs for traefik point to no error at all and I have tried ass the credentials within the docker-compose file of my website without the environment variable and escaping the $ twice as suggested by many, but the http auth just doesn't show up.
Any help and suggestions will be much appreciated at this point, thanks.
For me it works like this:
docker-compose.yml
labels:
[...]
- "traefik.http.middlewares.auth.basicauth.users=${TRAEFIK_USER}:${TRAEFIK_PASSWORD}"
[...]
.env
[...]
TRAEFIK_USER=username
TRAEFIK_PASSWORD='$2y$05$xahM2aRLsfQtudl1rimk5OZom7ekdizT911qCAk92tPvathYlZ8B7'
[...]
So replacing the single $ from the hash is not necessary when the variable is substituted.

Docker Compose - Service name not working as environment variable

I'm trying to use docker-compose to setup a Spring Cloud project.
I'm using spring cloud configuration so I have a Configuration Server and some services.
For now, I have 3 services in my docker-compose.yml
version: '3'
services:
db:
image: mysql
restart: always
environment:
MYSQL_ROOT_PASSWORD: 'root' # TODO: Change this
MYSQL_USER: 'user'
MYSQL_PASS: 'password'
MYSQL_ROOT_HOST: '%'
volumes:
- "db:/opt/mysql/docker:rw"
ports:
- "3307:3306"
config:
image: config-server
restart: always
depends_on:
- db
environment:
- SPRING_DATASOURCE_URL=jdbc:mysql://db:3306/ec_settings?createDatabaseIfNotExist=true&useUnicode=true&useJDBCCompliantTimezoneShift=true&useLegacyDatetimeCode=false&serverTimezone=UTC
ports:
- "8100:8100"
gateway:
image: gateway
restart: always
depends_on:
- config
environment:
- CONFIG_URI=http://config:8100
ports:
- '8081:8080'
volumes:
db: {}
In gateway microservice, in bootstrap.yml, i have this setting
spring:
cloud:
config:
uri: ${CONFIG_URI}
When i put up the docker composer i see that gateway service is trying to fetch configuration from http://config:8100
Fetching config from server at : http://config:8100
So, the variable passes to Spring Boot but docker-compose does not replace the service name with its actual link.
The very strange thing is that SPRING_DATASOURCE_URL environment variable gets translated correctly in config service to connect to db service.
I finally solved it thanks to this link Docker - SpringConfig - Connection refused to ConfigServer
The problem was the service was trying to fetch the config url too early.
Solution is to put in bootstrap.yml this settings
spring:
cloud:
config:
fail-fast: true
retry:
max-attempts: 20

traefik v2.2 help using only docker-compose router service entrypoint

Started learning about docker, traefik for playing in home.
Aim: Put everything all together in docker-compose.yml and .env files, understand basics, comment accordingly.
Want to get dashboard from traefik.test.local/dashboard rather test.local:8080, similarly api should be accessed from traefik.test.local/api. So that don't have to think about port numbers.
added lines to /etc/hosts
127.0.0.1 test.local
127.0.0.1 traefik.test.local
docker-compose.yml
version: "3.7"
services:
traefik:
# The official v2 Traefik docker image
image: traefik:v2.2
# Lets name the container
container_name: traefik
command:
# Enables the web UI
- "--api.insecure=true"
# Tells Traefik to listen to docker
- "--providers.docker"
ports:
# The HTTP port
- "80:80"
# The Web UI (enabled by --api.insecure=true)
- "8080:8080"
volumes:
# So that Traefik can listen to the Docker events
- /var/run/docker.sock:/var/run/docker.sock
#labels:
#- "traefik.http.routers.router.rule=Host(`traefik.test.local/dashboard`)"
#- "traefik.http.routers.router.rule=Host(`traefik.test.local/api`)"
restart:
always
Not able to understand how to connect from router to services. Also correct me if I am wrong anywhere. Thank you.
PS: OS: kde-neon
you can achieve this using the following definition, you need to add labels for the routers and service and not only the router
proxy:
image: traefik:v2.1
command:
- '--providers.docker=true'
- '--entryPoints.web.address=:80'
- '--entryPoints.metrics.address=:8082'
- '--providers.providersThrottleDuration=2s'
- '--providers.docker.watch=true'
- '--providers.docker.swarmMode=true'
- '--providers.docker.swarmModeRefreshSeconds=15s'
- '--providers.docker.exposedbydefault=false'
- '--providers.docker.defaultRule=Host("traefik.lvh.me")'
- '--accessLog.bufferingSize=0'
- '--api=true'
- '--api.dashboard=true'
- '--api.insecure=true'
- '--ping.entryPoint=web'
volumes:
- '/var/run/docker.sock:/var/run/docker.sock:ro'
ports:
- '80:80'
- '8080:8080'
restart:
always
deploy:
labels:
- traefik.enable=true
- traefik.docker.network=monitoring
- traefik.http.services.traefik-dashboard.loadbalancer.server.port=8080
- traefik.http.routers.traefik-dashboard.rule=Host(`dashboard.traefik.lvh.me`)
- traefik.http.routers.traefik-dashboard.service=traefik-dashboard
- traefik.http.routers.traefik-dashboard.entrypoints=web
- traefik.http.services.traefik-api.loadbalancer.server.port=80
- traefik.http.routers.traefik-api.rule=Host(`api.traefik.lvh.me`)
- traefik.http.routers.traefik-api.service=traefik-api
- traefik.http.routers.traefik-api.entrypoints=web
logging:
driver: json-file
options:
'max-size': '10m'
'max-file': '5'
also if you use lvh.me domain you not need to edit /etc/hosts