Comments (9)
关于日志 IP 显示问题:
默认情况下 bark-server IP 打印从 TCP 层获取 IP 地址,如果位于负载均衡器后面(例如 nginx、haproxy、caddy...) 请指定 --proxy-header
选项来设置 bark-server 从哪个 HTTP 头中获取 IP 地址,以下是一个样例:
bark-server 选项
--proxy-header X-Real-IP
Nginx 传递 X-Real-IP 头为远端 IP
location / {
log_not_found on;
# Replace http://192.168.1.123:8080 with the listening address of the bark server.
proxy_pass http://192.168.1.123:8080;
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
}
from bark-server.
服务器运行是正常的,你确认一下外网访问 https://IP:8080/ping 是否正常,该有 app 里默认是 https 的前缀
from bark-server.
感谢答复,今天再次尝试在app里添加服务器成功。但是通过ip访问http://x.x.x.x:8080/vhezqmbacpmxcckx/test/test,返回错误信息:
{"code":500,"message":"push failed: Post "https://api.push.apple.com/3/device/162e7d2b3b2f4508222883b8ff0ae7ba689e1d1d5d684051c150a785ff6b7846\": x509: certificate signed by unknown authority","timestamp":1614777044}
我搜了一下,是需要我去苹果开发者里面上传证书吗?
另外,我是采用可执行文件方式安装的,vps上本来有个网站还在运行,我添加到/bark的二级目录下后,访问https://www.xx.com/bark/ping,得到的返回信息为:
{"code":400,"message":"failed to get device token: failed to get [bark] device token from database","timestamp":1614777417}
与同时刻用ip访问的信息不一样,麻烦大佬再帮忙看看是什么问题。
nginx里面的配置是加了下面的代码
location ^~ /bark {
proxy_pass http://127.0.0.1:8080;
}
from bark-server.
x509: certificate signed by unknown authority
麻烦执行 curl -kiv https://api.push.apple.com/3/device/162e7d2b3b2f4508222883b8ff0ae7ba689e1d1d5d684051c150a785ff6b7846%5C
给一下完整日志,v2.0 开始 server 端已经内嵌了 apple 的相关 CA,理论上 不应该出现这个错误;
这个错误一般两种情况:
- DNS 被污染解析到了不正确的 IP 导致证书不匹配
- api.push.apple.com 还有其他 CA 我们需要再次添加
所以麻烦执行一下上面的命令,给一下完整日志 我这边判断一下到底是啥情况。
from bark-server.
- Expire in 0 ms for 6 (transfer 0x555b07e59e80)
- Expire in 1 ms for 1 (transfer 0x555b07e59e80)
- Expire in 0 ms for 1 (transfer 0x555b07e59e80)
- Expire in 1 ms for 1 (transfer 0x555b07e59e80)
- Expire in 0 ms for 1 (transfer 0x555b07e59e80)
- Expire in 0 ms for 1 (transfer 0x555b07e59e80)
- Expire in 2 ms for 1 (transfer 0x555b07e59e80)
- Expire in 0 ms for 1 (transfer 0x555b07e59e80)
- Expire in 0 ms for 1 (transfer 0x555b07e59e80)
- Expire in 2 ms for 1 (transfer 0x555b07e59e80)
- Expire in 0 ms for 1 (transfer 0x555b07e59e80)
- Expire in 0 ms for 1 (transfer 0x555b07e59e80)
- Expire in 2 ms for 1 (transfer 0x555b07e59e80)
- Expire in 1 ms for 1 (transfer 0x555b07e59e80)
- Expire in 1 ms for 1 (transfer 0x555b07e59e80)
- Expire in 4 ms for 1 (transfer 0x555b07e59e80)
- Expire in 1 ms for 1 (transfer 0x555b07e59e80)
- Expire in 1 ms for 1 (transfer 0x555b07e59e80)
- Expire in 4 ms for 1 (transfer 0x555b07e59e80)
- Expire in 2 ms for 1 (transfer 0x555b07e59e80)
- Expire in 2 ms for 1 (transfer 0x555b07e59e80)
- Expire in 4 ms for 1 (transfer 0x555b07e59e80)
- Expire in 2 ms for 1 (transfer 0x555b07e59e80)
- Expire in 2 ms for 1 (transfer 0x555b07e59e80)
- Expire in 4 ms for 1 (transfer 0x555b07e59e80)
- Expire in 3 ms for 1 (transfer 0x555b07e59e80)
- Expire in 3 ms for 1 (transfer 0x555b07e59e80)
- Expire in 4 ms for 1 (transfer 0x555b07e59e80)
- Expire in 3 ms for 1 (transfer 0x555b07e59e80)
- Expire in 4 ms for 1 (transfer 0x555b07e59e80)
- Expire in 4 ms for 1 (transfer 0x555b07e59e80)
- Expire in 4 ms for 1 (transfer 0x555b07e59e80)
- Expire in 4 ms for 1 (transfer 0x555b07e59e80)
- Expire in 4 ms for 1 (transfer 0x555b07e59e80)
- Expire in 5 ms for 1 (transfer 0x555b07e59e80)
- Expire in 5 ms for 1 (transfer 0x555b07e59e80)
- Expire in 4 ms for 1 (transfer 0x555b07e59e80)
- Expire in 6 ms for 1 (transfer 0x555b07e59e80)
- Expire in 6 ms for 1 (transfer 0x555b07e59e80)
- Expire in 8 ms for 1 (transfer 0x555b07e59e80)
- Expire in 7 ms for 1 (transfer 0x555b07e59e80)
- Expire in 7 ms for 1 (transfer 0x555b07e59e80)
- Expire in 8 ms for 1 (transfer 0x555b07e59e80)
- Expire in 8 ms for 1 (transfer 0x555b07e59e80)
- Expire in 8 ms for 1 (transfer 0x555b07e59e80)
- Expire in 16 ms for 1 (transfer 0x555b07e59e80)
- Expire in 10 ms for 1 (transfer 0x555b07e59e80)
- Expire in 10 ms for 1 (transfer 0x555b07e59e80)
- Expire in 16 ms for 1 (transfer 0x555b07e59e80)
- Expire in 11 ms for 1 (transfer 0x555b07e59e80)
- Expire in 11 ms for 1 (transfer 0x555b07e59e80)
- Expire in 14 ms for 1 (transfer 0x555b07e59e80)
- Trying 17.188.139.149...
- TCP_NODELAY set
- Expire in 149978 ms for 3 (transfer 0x555b07e59e80)
- Expire in 200 ms for 4 (transfer 0x555b07e59e80)
- Connected to api.push.apple.com (17.188.139.149) port 443 (#0)
- ALPN, offering h2
- ALPN, offering http/1.1
- successfully set certificate verify locations:
- CAfile: none
CApath: /etc/ssl/certs - TLSv1.3 (OUT), TLS handshake, Client hello (1):
- TLSv1.3 (IN), TLS handshake, Server hello (2):
- TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
- TLSv1.3 (IN), TLS handshake, Request CERT (13):
- TLSv1.3 (IN), TLS handshake, Certificate (11):
- TLSv1.3 (IN), TLS handshake, CERT verify (15):
- TLSv1.3 (IN), TLS handshake, Finished (20):
- TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
- TLSv1.3 (OUT), TLS handshake, Certificate (11):
- TLSv1.3 (OUT), TLS handshake, Finished (20):
- SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
- ALPN, server accepted to use h2
- Server certificate:
- subject: CN=api.push.apple.com; OU=management:idms.group.533599; O=Apple Inc.; ST=California; C=US
- start date: Mar 14 17:50:10 2019 GMT
- expire date: Apr 12 17:50:10 2021 GMT
- issuer: CN=Apple IST CA 2 - G1; OU=Certification Authority; O=Apple Inc.; C=US
- SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
- Using HTTP2, server supports multi-use
- Connection state changed (HTTP/2 confirmed)
- Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
- Using Stream ID: 1 (easy handle 0x555b07e59e80)
GET /3/device/162e7d2b3b2f4508222883b8ff0ae7ba689e1d1d5d684051c150a785ff6b7846%5C HTTP/2
Host: api.push.apple.com
User-Agent: curl/7.64.0
Accept: /
- Connection state changed (MAX_CONCURRENT_STREAMS == 1)!
< HTTP/2 405
HTTP/2 405
< apns-id: A0A4A829-D566-E05C-BA92-C363FF3EDD41
apns-id: A0A4A829-D566-E05C-BA92-C363FF3EDD41
<
- Connection #0 to host api.push.apple.com left intact
dns用的是119.29.29.29&114
from bark-server.
@ycj1379 新添加了 GeoTrust Global CA,请等待 CI 运行 完成后 删除本地镜像重新拉起新镜像试试
from bark-server.
好的,感谢!
from bark-server.
关于 Nignx 等负载均衡器配置,针对于个人网站或者说可以随便改的小型站点,推荐使用 https://ssl-config.mozilla.org/ 生成最佳配置,以满足搜索引擎 SEO 以及各种设备的安全性要求 😁
from bark-server.
已经可以正常推送,等迟点再折腾nginx的配置🥰
from bark-server.
Related Issues (20)
- 【MySQL】Docker容器如何连接MySQL HOT 1
- SIGQUIT: exit signal does not handle properly HOT 2
- APNS 真实设备 Token 如果泄露了,会有什么后果? HOT 1
- 【如何限制未知设备连接到服务器】 HOT 3
- windows部署
- 转义问题 HOT 2
- official freebsd release ? HOT 1
- failed device token from database HOT 3
- 如何更换p8证书 HOT 4
- 4Kb最终实际剩余文本推送大小是多少?
- 哪里可以判断空内容不进行推送 HOT 1
- Cloudflare Worker Version
- 私有部署服务每次调用都会触发两次 HOT 2
- Feature Request: Add Support for Scheduled Messaging
- bark-server 返回 408 ,但是代码中没有找到返回 408 的地方
- 自建dockerserver推送失败报错苹果服务器EOF
- docker 安装后直接提示404 HOT 1
- 请问是否支持多客户端?
- Bark能不能设置白名单 HOT 14
- 推送服务器网址不支持带子路径的吗?必须是网站根目录? HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from bark-server.