msgbyte
Server-Tab not displaying data
Using the latest V1.13.1, tianji doesnt displays any server-data. In the sidemenu, it states, that it would show 8 servers, but on the actual tab, there is only the message "No data".
In the docker logs, everything is normal, until i request the server-page. Then the following error is thrown:
[Socket] Authenticated throw error: Error: Can not get user info. at Array.<anonymous> (file:///app/tianji/src/server/dist/src/server/ws/index.js:31:27)
I know it worked sometime ago, but i didnt checked it since then, and i always had the latest-tag for the docker-compose, so its possible that this bug developed over previous builds.
I think logic should be work, can you clear your cookie and try relogin again?
Hey, i've cleared everything my browser listed me in the developer tools regarding storage. the page then automaticaly redirects me to the login screen. But even after that, tianji only shows the number of reporting servers in the sidebar, not the actual data. I've tested this also on a device, where i have never used the website, with the same results. Even the logs doesnt show anything other than reported in my first post.
Btw, i can see in the logs, that the servers are reporting correctly to tianji, so there shouldnt be any problems.
Is there any possibility to turn on more verbose logging or something like that?
as you said its looks like websocket auth not pass.
can you visit /api/auth/session to check login session info?
should be like this:
Yes, it looks nearly identical with the screenshot u shared, ofcorse with slightly different expire-time and id, but else anything is the same...
is your environment freshly setup with the current version or is it an older setup migrated to the latest?
I try to use a incognito window to make browser clear and without any cookie or local state. and everything is work file.
did you mind try to help me debug it?
the bug is report here, to check auth permission in serverside .
did you mind print socket.request and socket.handshake.secure?
ok i'll try, but i never worked with nodejs before. i can connect into the container and modify these two files, but do i need to restart the node-service? If yes, how? if i kill the node process, which is using the :12345 port, the container crashes and restarts, but with the original files... Any idea?
enter docker container with docker exec
and change js file(maybe compress but i think almost same)
then exit container and run docker restart <container_id> to restart.
if you dont delete container, all change will keep
I have the same issue on my test server
This appear when i access the Servers tab,
No server info is shown
Some more info on my environment
Im running this on https using reversed proxy Nginx is see the service is also run on TCP 12345 , maybe this needs a port directly being forwarded to the server apart from HTTP protocol?
Ok , Found the solution for me,
On NGinx proxy manager you need to enable websockets Support, and on SSL tab, you need only HTTP/2 Support tab enabled.
This solved for me
I have the same problem: Can't get user info. Version: v1. 18. 1. In a docker container running through the Traefik proxy server. Docker-compose.yml:
version: '3'
services:
tianji:
image: moonrailgun/tianji
expose:
- 12345
environment:
DATABASE_URL: postgresql://tianji:tianji@postgres:5432/tianji
JWT_SECRET: freight-urban-computer-skipping-freeload-gout-gem
ALLOW_REGISTER: "false"
ALLOW_OPENAPI: "false"
OPENAI_API_KEY: "random-string-of-characters"
depends_on:
- postgres
restart: always
labels:
- "traefik.enable=true"
- "traefik.http.routers.tianji.entrypoints=https"
- "traefik.http.routers.tianji.rule=Host(`***.com`)"
- "traefik.http.routers.tianji.tls=true"
- "traefik.http.routers.tianji.tls.certresolver=letsEncrypt"
- "traefik.http.services.tianji.loadbalancer.server.port=12345"
postgres:
image: postgres:15.4-alpine
environment:
POSTGRES_DB: tianji
POSTGRES_USER: tianji
POSTGRES_PASSWORD: tianji
volumes:
- tianji-db-data:/var/lib/postgresql/data
restart: always
healthcheck:
test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"]
interval: 5s
timeout: 5s
retries: 5
volumes:
tianji-db-data:
networks:
default:
external:
name: server
UPD I tried switching the VPS from Traefik to Caddy and everything started up. Apparently the problem is related to the Traefik settings
i fond a solution for traefik https://www.phantomma.top/post/kubernetes-li-traefik-v3-zhi-chi-websockets/
According to @PhantomMaa's link, this compose.yaml with traefik works for me:
services:
tianji:
image: moonrailgun/tianji:latest
environment:
DATABASE_URL: postgresql://******:******@postgres:5432/******
JWT_SECRET: ******
ALLOW_REGISTER: false
ALLOW_OPENAPI: true
labels:
- "traefik.enable=true"
- "traefik.docker.network=proxy"
- "traefik.http.routers.tianji.entrypoints=websecure"
- "traefik.http.routers.tianji.rule=Host(`***.com`)"
- "traefik.http.routers.tianji.service=tianji-service"
- "traefik.http.services.tianji-service.loadbalancer.server.port=12345"
# >>> Add following lines >>>
- "traefik.http.middlewares.forcehttps.headers.customrequestheaders.X-Forwarded-Proto=https"
- "traefik.http.routers.tianji.middlewares=forcehttps"
# <<< Add following lines <<<
depends_on:
- postgres
restart: always
networks:
- proxy
- default
postgres:
image: postgres:15.4-alpine
environment:
POSTGRES_DB: ***
POSTGRES_USER: ***
POSTGRES_PASSWORD: ***
volumes:
- ./data:/var/lib/postgresql/data
restart: always
healthcheck:
test: ["CMD-SHELL", "pg_isready -U $${POSTGRES_USER} -d $${POSTGRES_DB}"]
interval: 5s
timeout: 5s
retries: 5
networks:
proxy:
external: true
So I'm using Pangolin which uses traefik as a backend and it seems x-forwarded-proto is being sent, but it's returning the cannot get user info error
{
"path": "/server",
"headers": {
"host": "example.com",
"user-agent": "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0",
"accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8",
"accept-encoding": "gzip, deflate, br, zstd",
"accept-language": "en-US,en;q=0.5",
"cookie": "[omitted]",
"dnt": "1",
"if-none-match": "[omitted]",
"priority": "u=0, i",
"sec-fetch-dest": "document",
"sec-fetch-mode": "navigate",
"sec-fetch-site": "none",
"sec-fetch-user": "?1",
"sec-gpc": "1",
"te": "trailers",
"upgrade-insecure-requests": "1",
"x-forwarded-for": "ip address",
"x-forwarded-host": "example.com",
"x-forwarded-port": "443",
"x-forwarded-proto": "https",
"x-forwarded-server": "114fe9a770ac",
"x-real-ip": "ip address"
},
"method": "GET",
"body": "",
"fresh": false,
"hostname": "example.com",
"ip": "ip address",
"ips": [
"ip address"
],
"protocol": "https",
"query": {},
"subdomains": [
"tianji"
],
"xhr": false,
"os": {
"hostname": "5e65ec55288c"
},
"connection": {}
}
here's the headers pangolin sends on each request
If you're using nginx as a proxy without a fancy UX, you'll want to edit your nginx conf:
server {
server_name example.com;
location / {
proxy_pass http://localhost:12345;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Add these lines for WebSocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
listen 443 ssl http2; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
Did that, restored Nginx, it's good to go :)
