Terima kasih telah mengirimkan laporan bug. Silakan isi template di bawah ini, jika tidak, kami tidak akan dapat memproses laporan bug ini.
Menggunakan ttn-lw-cli v3.8.7 Saya tidak dapat menjalankan perintah konsol terhadap penerapan TTN v3.8.7 yang dikelola sendiri. Ini berfungsi sebelumnya dan sejak itu berhenti setelah penambahan flag http.redirect-to-tls dalam konfigurasi penerapan.
Konsol masih dapat diakses dan berfungsi seperti yang diharapkan. Saya tidak yakin apakah ini bug atau masalah konfigurasi sistem. Bagaimanapun bantuan Anda akan sangat dihargai!
ttn-lw-stack.yml - Server:
# Identity Server configuration
is:
# Email configuration for "REMOVED"
email:
sender-name: 'The Things Stack'
sender-address: 'noreply<strong i="17">@REMOVED</strong>'
network:
name: 'TTN-stack'
console-url: 'https://REMOVED/console'
identity-server-url: 'https://REMOVED/oauth'
# Web UI configuration for "REMOVED":
oauth:
ui:
canonical-url: 'https://REMOVED/oauth'
is:
base-url: 'https://REMOVED/api/v3'
# HTTP server configuration
http:
cookie:
block-key: 'REMOVED' # generate 32 bytes (openssl rand -hex 32)
hash-key: 'REMOVED' # generate 64 bytes (penssl rand -hex 64)
metrics:
password: 'REMOVED' # choose a password
pprof:
password: 'REMOVED' # choose a password
redirect-to-tls: 'true'
# Let's encrypt for "REMOVED"
tls:
source: 'acme'
acme:
dir: '/var/lib/acme'
email: 'REMOVED'
hosts: ['REMOVED']
default-host: 'REMOVED'
#If Gateway Server enabled, defaults for "REMOVED":
gs:
mqtt:
public-address: 'REMOVED:1882'
public-tls-address: 'REMOVED:8882'
mqtt-v2:
public-address: 'REMOVED:1881'
public-tls-address: 'REMOVED:8881'
#If Gateway Configuration Server enabled, defaults for "REMOVED":
gcs:
basic-station:
default:
lns-uri: 'wss://REMOVED:8887'
the-things-gateway:
default:
mqtt-server: 'mqtts://REMOVED:8881'
# Web UI configuration for "REMOVED":
console:
ui:
canonical-url: 'https://REMOVED/console'
is:
base-url: 'https://REMOVED/api/v3'
gs:
base-url: 'https://REMOVED/api/v3'
ns:
base-url: 'https://REMOVED/api/v3'
as:
base-url: 'https://REMOVED/api/v3'
js:
base-url: 'https://REMOVED/api/v3'
qrg:
base-url: 'https://REMOVED/api/v3'
edtc:
base-url: 'https://REMOVED/api/v3'
oauth:
authorize-url: 'https://REMOVED/oauth/authorize'
token-url: 'https://REMOVED/oauth/token'
client-id: 'console'
client-secret: 'console' # choose or generate a secret
konfigurasi ttn-lw-cli -- Server:
--allow-unknown-hosts="false"
--application-server-enabled="true"
--application-server-grpc-address="localhost:8884"
--ca=""
--config="/home/ttn/ttn-stack-v3/config/stack/.ttn-lw-cli.yml,/home/ttn/snap/ttn-lw-stack/192/.ttn-lw-cli.yml,/home/ttn/snap/ttn-lw-stack/192/.config/.ttn-lw-cli.yml"
--credentials-id=""
--device-claiming-server-grpc-address="localhost:8884"
--device-template-converter-grpc-address="localhost:8884"
--dump-requests="false"
--gateway-server-enabled="true"
--gateway-server-grpc-address="localhost:8884"
--identity-server-grpc-address="localhost:8884"
--input-format="json"
--insecure="false"
--join-server-enabled="true"
--join-server-grpc-address="localhost:8884"
--log.level="info"
--network-server-enabled="true"
--network-server-grpc-address="localhost:8884"
--oauth-server-address="https://localhost:443/oauth"
--output-format="json"
--qr-code-generator-grpc-address="localhost:8884"
konfigurasi ttn-lw-stack -- CLI:
--as.device-kek-label=""
--as.interop.blob.bucket=""
--as.interop.blob.path=""
--as.interop.config-source=""
--as.interop.directory=""
--as.interop.id=""
--as.interop.url=""
--as.link-mode="all"
--as.mqtt.listen=":1883"
--as.mqtt.listen-tls=":8883"
--as.mqtt.public-address="localhost:1883"
--as.mqtt.public-tls-address="localhost:8883"
--as.webhooks.downlink.public-address="http://localhost:1885/api/v3"
--as.webhooks.downlink.public-tls-address=""
--as.webhooks.queue-size="16"
--as.webhooks.target="direct"
--as.webhooks.templates.directory=""
--as.webhooks.templates.logo-base-url=""
--as.webhooks.templates.url=""
--as.webhooks.timeout="5s"
--as.webhooks.workers="16"
--blob.aws.access-key-id=""
--blob.aws.endpoint=""
--blob.aws.region=""
--blob.aws.secret-access-key=""
--blob.aws.session-token=""
--blob.gcp.credentials=""
--blob.gcp.credentials-file=""
--blob.local.directory="./public/blob"
--blob.provider="local"
--cache.redis.address=""
--cache.redis.database="0"
--cache.redis.failover.addresses=""
--cache.redis.failover.enable="false"
--cache.redis.failover.master-name=""
--cache.redis.namespace=""
--cache.redis.password=""
--cache.redis.pool-size="0"
--cache.service=""
--cluster.address=""
--cluster.application-server=""
--cluster.crypto-server=""
--cluster.gateway-server=""
--cluster.identity-server=""
--cluster.join=""
--cluster.join-server=""
--cluster.keys=""
--cluster.name=""
--cluster.network-server=""
--cluster.tls="false"
--config="REMOVED"
--console.mount=""
--console.oauth.authorize-url="http://localhost:1885/oauth/authorize"
--console.oauth.client-id="console"
--console.oauth.client-secret="console"
--console.oauth.logout-url="http://localhost:1885/oauth/logout"
--console.oauth.token-url="http://localhost:1885/oauth/token"
--console.ui.as.base-url="http://localhost:1885/api/v3"
--console.ui.as.enabled="true"
--console.ui.assets-base-url="/assets"
--console.ui.branding-base-url=""
--console.ui.canonical-url="http://localhost:1885/console"
--console.ui.css-file="console.css"
--console.ui.descriptions=""
--console.ui.documentation-base-url="https://thethingsstack.io/3.8.7"
--console.ui.edtc.base-url="http://localhost:1885/api/v3"
--console.ui.edtc.enabled="true"
--console.ui.gs.base-url="http://localhost:1885/api/v3"
--console.ui.gs.enabled="true"
--console.ui.icon-prefix="console-"
--console.ui.is.base-url="http://localhost:1885/api/v3"
--console.ui.is.enabled="true"
--console.ui.js-file="console.js"
--console.ui.js.base-url="http://localhost:1885/api/v3"
--console.ui.js.enabled="true"
--console.ui.language="en"
--console.ui.ns.base-url="http://localhost:1885/api/v3"
--console.ui.ns.enabled="true"
--console.ui.qrg.base-url="http://localhost:1885/api/v3"
--console.ui.qrg.enabled="true"
--console.ui.sentry-dsn=""
--console.ui.site-name="The Things Stack for LoRaWAN"
--console.ui.sub-title="Management platform for The Things Stack for LoRaWAN"
--console.ui.support-link=""
--console.ui.theme-color=""
--console.ui.title="Console"
--device-repository.blob.bucket=""
--device-repository.blob.path=""
--device-repository.config-source=""
--device-repository.directory=""
--device-repository.url=""
--dtc.enabled=""
--events.backend="internal"
--events.cloud.publish-url=""
--events.cloud.subscribe-url=""
--events.redis.address=""
--events.redis.database="0"
--events.redis.failover.addresses=""
--events.redis.failover.enable="false"
--events.redis.failover.master-name=""
--events.redis.namespace=""
--events.redis.password=""
--events.redis.pool-size="0"
--frequency-plans.blob.bucket=""
--frequency-plans.blob.path=""
--frequency-plans.config-source=""
--frequency-plans.directory=""
--frequency-plans.url="https://raw.githubusercontent.com/TheThingsNetwork/lorawan-frequency-plans/master"
--gcs.basic-station.allow-cups-uri-update="false"
--gcs.basic-station.default.lns-uri="wss://localhost:8887"
--gcs.basic-station.owner-for-unknown.account-type=""
--gcs.basic-station.owner-for-unknown.api-key=""
--gcs.basic-station.owner-for-unknown.id=""
--gcs.basic-station.require-explicit-enable="false"
--gcs.require-auth="true"
--gcs.the-things-gateway.default.firmware-url="https://thethingsproducts.blob.core.windows.net/the-things-gateway/v1"
--gcs.the-things-gateway.default.mqtt-server="mqtts://localhost:8881"
--gcs.the-things-gateway.default.update-channel="stable"
--grpc.allow-insecure-for-credentials="false"
--grpc.listen=":1884"
--grpc.listen-tls=":8884"
--gs.basic-station.fallback-frequency-plan-id=""
--gs.basic-station.listen=":1887"
--gs.basic-station.listen-tls=":8887"
--gs.basic-station.use-traffic-tls-address="false"
--gs.basic-station.ws-ping-interval="30s"
--gs.forward="=00000000/0"
--gs.mqtt-v2.listen=":1881"
--gs.mqtt-v2.listen-tls=":8881"
--gs.mqtt-v2.public-address="localhost:1881"
--gs.mqtt-v2.public-tls-address="localhost:8881"
--gs.mqtt.listen=":1882"
--gs.mqtt.listen-tls=":8882"
--gs.mqtt.public-address="localhost:1882"
--gs.mqtt.public-tls-address="localhost:8882"
--gs.require-registered-gateways="false"
--gs.udp.addr-change-block="1m0s"
--gs.udp.connection-expires="1m0s"
--gs.udp.downlink-path-expires="15s"
--gs.udp.listeners=":1700="
--gs.udp.packet-buffer="50"
--gs.udp.packet-handlers="16"
--gs.udp.rate-limiting.enable="true"
--gs.udp.rate-limiting.messages="10"
--gs.udp.rate-limiting.threshold="10ms"
--gs.udp.schedule-late-time="800ms"
--gs.update-connection-stats-debounce-time="3s"
--gs.update-gateway-location-debounce-time="1h0m0s"
--http.cookie.block-key=""
--http.cookie.hash-key=""
--http.health.enable="true"
--http.health.password=""
--http.listen=":1885"
--http.listen-tls=":8885"
--http.log-ignore-paths=""
--http.metrics.enable="true"
--http.metrics.password=""
--http.pprof.enable="true"
--http.pprof.password=""
--http.redirect-to-host=""
--http.redirect-to-tls="false"
--http.static.mount="/assets"
--http.static.search-path="/usr/local/Cellar/ttn-lw-stack/3.8.7/libexec/public"
--http.trusted-proxies="10.0.0.0/8,172.16.0.0/12,192.168.0.0/16"
--interop.listen-tls=":8886"
--interop.sender-client-ca.blob.bucket=""
--interop.sender-client-ca.blob.path=""
--interop.sender-client-ca.directory=""
--interop.sender-client-ca.source=""
--interop.sender-client-ca.url=""
--interop.sender-client-cas=""
--is.auth-cache.membership-ttl="10m0s"
--is.database-uri="postgresql://root<strong i="11">@localhost</strong>:26257/ttn_lorawan_dev?sslmode=disable"
--is.email.network.console-url="http://localhost:1885/console"
--is.email.network.identity-server-url="http://localhost:1885/oauth"
--is.email.network.name="The Things Stack for LoRaWAN"
--is.email.provider=""
--is.email.sender-address=""
--is.email.sender-name=""
--is.email.sendgrid.api-key=""
--is.email.sendgrid.sandbox="false"
--is.email.smtp.address=""
--is.email.smtp.connections="0"
--is.email.smtp.password=""
--is.email.smtp.username=""
--is.email.templates.blob.bucket=""
--is.email.templates.blob.path=""
--is.email.templates.directory=""
--is.email.templates.includes=""
--is.email.templates.source=""
--is.email.templates.url=""
--is.end-device-picture.bucket="end_device_pictures"
--is.end-device-picture.bucket-url="/assets/blob/end_device_pictures"
--is.oauth.mount=""
--is.oauth.ui.assets-base-url="/assets"
--is.oauth.ui.branding-base-url=""
--is.oauth.ui.canonical-url="http://localhost:1885/oauth"
--is.oauth.ui.css-file="oauth.css"
--is.oauth.ui.descriptions=""
--is.oauth.ui.icon-prefix="oauth-"
--is.oauth.ui.is.base-url="http://localhost:1885/api/v3"
--is.oauth.ui.is.enabled="true"
--is.oauth.ui.js-file="oauth.js"
--is.oauth.ui.language="en"
--is.oauth.ui.sentry-dsn=""
--is.oauth.ui.site-name="The Things Stack for LoRaWAN"
--is.oauth.ui.sub-title=""
--is.oauth.ui.theme-color=""
--is.oauth.ui.title=""
--is.profile-picture.bucket="profile_pictures"
--is.profile-picture.bucket-url="/assets/blob/profile_pictures"
--is.profile-picture.use-gravatar="true"
--is.user-registration.admin-approval.required="false"
--is.user-registration.contact-info-validation.required="false"
--is.user-registration.invitation.required="false"
--is.user-registration.invitation.token-ttl="168h0m0s"
--is.user-registration.password-requirements.max-length="1000"
--is.user-registration.password-requirements.min-digits="1"
--is.user-registration.password-requirements.min-length="8"
--is.user-registration.password-requirements.min-special="0"
--is.user-registration.password-requirements.min-uppercase="1"
--js.device-kek-label=""
--js.join-eui-prefix="0000000000000000/0"
--key-vault.provider="static"
--key-vault.static=""
--log.level="info"
--ns.application-uplink-queue.buffer-size="1000"
--ns.cooldown-window="1s"
--ns.deduplication-window="200ms"
--ns.default-mac-settings.adr-margin="15"
--ns.default-mac-settings.class-b-timeout="1m0s"
--ns.default-mac-settings.class-c-timeout="5m0s"
--ns.default-mac-settings.desired-rx1-delay="5"
--ns.default-mac-settings.status-count-periodicity="200"
--ns.default-mac-settings.status-time-periodicity="24h0m0s"
--ns.dev-addr-prefixes=""
--ns.device-kek-label=""
--ns.downlink-priorities.join-accept="highest"
--ns.downlink-priorities.mac-commands="highest"
--ns.downlink-priorities.max-application-downlink="high"
--ns.interop.blob.bucket=""
--ns.interop.blob.path=""
--ns.interop.config-source=""
--ns.interop.directory=""
--ns.interop.url=""
--ns.net-id="000000"
--pba.cluster-id=""
--pba.data-plane-address=""
--pba.forwarder.enable="false"
--pba.forwarder.token-key=""
--pba.forwarder.worker-pool.limit="1024"
--pba.home-network.blacklist-forwarder="true"
--pba.home-network.dev-addr-prefixes=""
--pba.home-network.enable="false"
--pba.home-network.worker-pool.limit="4096"
--pba.net-id="000000"
--pba.tenant-id=""
--pba.tls.certificate=""
--pba.tls.key=""
--pba.tls.key-vault.id=""
--pba.tls.source=""
--redis.address="localhost:6379"
--redis.database="0"
--redis.failover.addresses=""
--redis.failover.enable="false"
--redis.failover.master-name=""
--redis.namespace="ttn,v3"
--redis.password=""
--redis.pool-size="0"
--rights.ttl="2m0s"
--sentry.dsn=""
--tls.acme.default-host=""
--tls.acme.dir=""
--tls.acme.email=""
--tls.acme.enable="false"
--tls.acme.endpoint="https://acme-v02.api.letsencrypt.org/directory"
--tls.acme.hosts=""
--tls.certificate="cert.pem"
--tls.insecure-skip-verify="false"
--tls.key="key.pem"
--tls.key-vault.id=""
--tls.root-ca=""
--tls.source=""
ttn-lw-cli login
ERROR Please login with the login command
INFO Opening your browser on https://openstack-floating-193-206.ecdf.ed.ac.uk:443/oauth/authorize?client_id=cli&redirect_uri=local-callback&response_type=code
INFO After logging in and authorizing the CLI, we'll get an access token for future commands.
INFO Waiting for your authorization...
ERROR Could not exchange OAuth access token error=oauth2: cannot fetch token: 405 Method Not Allowed
Response: {
"code": 2,
"message": "error:pkg/errors/web:unknown (Method Not Allowed)",
"details": [
{
"@type": "type.googleapis.com/ttn.lorawan.v3.ErrorDetails",
"namespace": "pkg/errors/web",
"message_format": "Method Not Allowed",
"attributes": {
"message": "Method Not Allowed"
},
"code": 2
}
]
}
Idealnya, saya ingin mendapatkan otorisasi dan dapat masuk melalui konsol.
Baik CLI dan penerapan menjalankan v3.8.7. Deployment dan CLI berfungsi seperti yang diharapkan ketika flag http.redirect-to-tls disetel ke false atau tidak ada. Ini juga telah diuji menggunakan beberapa mesin berbeda terhadap penerapan yang sama, setiap kali mengulangi kesalahan (dengan setiap CLI juga menjalankan v3.8.7)
Tidak, saya akan dengan senang hati melakukannya jika saya bisa memperbaikinya, tetapi dengan ini saya sangat menghargai bantuan Anda!
Hai @ZeroSum24 , terima kasih telah melaporkan masalah ini. Memang, saya bisa mereproduksi masalah. Ini sudah ada sejak 3.8.0
rupanya.
EDIT: Sebagai solusinya, hingga perbaikan dirilis, Anda seharusnya dapat berhasil masuk dengan menghapus nomor port ( :443
) dari alamat server OAuth di .ttn-lw-cli.yml
.
@neoaggelos terima kasih banyak atas bantuan Anda dan tanggapan cepatnya! Saya telah menerapkan solusi itu di pihak kami yang telah menyelesaikan masalah untuk saat ini.
Harus diperbaiki dengan #3120
Komentar yang paling membantu
Harus diperbaiki dengan #3120