南墙 waf 的官方配置组合了 uuwaf 和 wafdb 两个容器,uuwaf 与 wafdb 建立数据库连接。
在1panel里面,发生一些诡异的问题:
全新安装南墙的时候,网络别名能够正确配置,也可以正常使用,wafdb 生成的配置如下:
...
"Networks": {
"1panel-network": {
"IPAMConfig": null,
"Links": null,
"Aliases": [
"1Panel-uuwaf-cbcI-db",
"wafdb",
"9e8c7f09eac8"
],
"NetworkID": "1587dd2b6510c560977682fec0426c5a3abf22eef6bfdab90897b32e0bf57478",
"EndpointID": "9c4adbc0f0b06e982e2899ff0504f9b72d3aeeff58ea3a297d64cc3edad6304c",
"Gateway": "172.18.0.1",
"IPAddress": "172.18.0.8",
"IPPrefixLen": 16,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "02:42:ac:12:00:08",
"DriverOpts": null
}
...
重启 wafdb 和 uuwaf 两个容器后,wafdb 的别名就不正确了;然而再回到应用商店中对南墙 waf 进行重建,别名又恢复正常,此时重启两个容器后也可以正常使用。
1panel 版本:1.8.2
发行版本:ubuntu-22.04
内核版:6.2.0-36-generic
系统类型:x86_64
官方配置截取:
wafdb:
image: percona:8
container_name: wafdb
networks:
wafnet:
volumes:
- wafshared:/docker-entrypoint-initdb.d
- wafdata:/var/lib/mysql
environment:
- TZ=Asia/Shanghai
- INIT_ROCKSDB
- MYSQL_ROOT_PASSWORD=Safe3.WAF
/opt/1panel/apps/uuwaf/uuwaf/docker-compose.yml截取:
wafdb:
container_name: ${CONTAINER_NAME}-db
deploy:
resources:
limits:
cpus: ${CPUS}
memory: ${MEMORY_LIMIT}
environment:
- TZ=Asia/Shanghai
- INIT_ROCKSDB
- MYSQL_ROOT_PASSWORD=Safe3.WAF
image: percona:8
networks:
- 1panel-network
volumes:
- wafshared:/docker-entrypoint-initdb.d
- wafdata:/var/lib/mysql