diff --git a/deploy/dev-deploy/.env.dev b/deploy/dev-deploy/.env.dev index 5dcf59d..3511f27 100644 --- a/deploy/dev-deploy/.env.dev +++ b/deploy/dev-deploy/.env.dev @@ -33,7 +33,7 @@ CELERY_BROKER_URL=redis://redis:6379/0 CELERY_RESULT_BACKEND=redis://redis:6379/1 CELERY_TIMEZONE=Asia/Shanghai SCHEDULER_EXPIRE_INTERVAL_SECONDS=60 -FLOWER_API_BASE_URL=http://flower:5556 +FLOWER_API_BASE_URL=http://flower:5555 FLOWER_API_TIMEOUT_SECONDS=10 FLOWER_BASIC_AUTH=admin:admin WORKER_REGISTRY_TTL_SECONDS=90 diff --git a/deploy/dev-deploy/compose.yml b/deploy/dev-deploy/compose.yml index 655081b..881f329 100644 --- a/deploy/dev-deploy/compose.yml +++ b/deploy/dev-deploy/compose.yml @@ -177,7 +177,7 @@ services: CELERY_BROKER_URL: redis://redis:6379/0 CELERY_RESULT_BACKEND: redis://redis:6379/1 CELERY_TIMEZONE: ${CELERY_TIMEZONE} - FLOWER_BASIC_AUTH: ${FLOWER_BASIC_AUTH} + FLOWER_BASIC_AUTH: ${FLOWER_BASIC_AUTH:-admin:admin} ports: - "${FLOWER_PORT}:5555" restart: unless-stopped diff --git a/deploy/pro-deploy/compose.yml b/deploy/pro-deploy/compose.yml index 137f640..069ac33 100644 --- a/deploy/pro-deploy/compose.yml +++ b/deploy/pro-deploy/compose.yml @@ -149,7 +149,7 @@ services: CELERY_BROKER_URL: redis://redis:6379/0 CELERY_RESULT_BACKEND: redis://redis:6379/1 CELERY_TIMEZONE: ${CELERY_TIMEZONE} - FLOWER_BASIC_AUTH: ${FLOWER_BASIC_AUTH} + FLOWER_BASIC_AUTH: ${FLOWER_BASIC_AUTH:-admin:change_me} ports: - "${FLOWER_PORT}:5555" restart: unless-stopped diff --git a/memory/2026-05-02.md b/memory/2026-05-02.md index 834ad48..5872549 100644 --- a/memory/2026-05-02.md +++ b/memory/2026-05-02.md @@ -282,3 +282,29 @@ - 风险与影响: - 影响范围仅前端角色管理页面展示层;接口契约与数据结构无变更。 + +## Work Log - 修复 Worker 监控 Flower 401(2026-05-02) + +- 背景: + - Issue `FL-171` 报告 “worker 监控页面 401(flower error 401: Unauthorized)”。 + +- 根因: + - `deploy/dev-deploy/.env.dev` 中 `FLOWER_API_BASE_URL` 误配为 `http://flower:5556`,与 `flower` 容器实际监听端口 `5555` 不一致。 + - `deploy/*/compose.yml` 的 `flower` 服务环境变量 `FLOWER_BASIC_AUTH` 未设置默认值,若运行时未注入该变量,容器内可能读取为空,导致 API 侧按旧凭据访问时出现 401。 + +- 本次改动(最小闭环): + - 文件:`deploy/dev-deploy/.env.dev` + - `FLOWER_API_BASE_URL` 从 `http://flower:5556` 修正为 `http://flower:5555`。 + - 文件:`deploy/dev-deploy/compose.yml` + - `flower.environment.FLOWER_BASIC_AUTH` 调整为 `${FLOWER_BASIC_AUTH:-admin:admin}`,与命令参数默认值一致。 + - 文件:`deploy/pro-deploy/compose.yml` + - `flower.environment.FLOWER_BASIC_AUTH` 调整为 `${FLOWER_BASIC_AUTH:-admin:change_me}`,避免环境变量缺失时鉴权源不一致。 + +- 验证: + - 配置一致性检查: + - `FLOWER_API_BASE_URL`(dev/pro/env.example)全部指向容器内 `http://flower:5555`。 + - `flower` 服务命令参数与容器环境变量 `FLOWER_BASIC_AUTH` 已对齐默认回退策略。 + +- 风险与影响: + - 影响面仅部署配置与环境模板,不涉及业务代码逻辑。 + - 若生产实际使用了外部注入的 `FLOWER_BASIC_AUTH`,该值仍会覆盖默认值,不改变既有安全策略。