2012-04-30 175 views
9

我在通過WSS連接到我的服務器時遇到問題。我按照下面的文章來設置帶有websocket的nginx:http://www.letseehere.com/reverse-proxy-web-socketsWSS的Nginx配置

以下是我的nginx配置,它提供了一個Play!應用:

#user nobody; 
worker_processes 1; 

error_log logs/error.log; 
#error_log logs/error.log notice; 
#error_log logs/error.log info; 

#pid  logs/nginx.pid; 

events { 
    worker_connections 1024; 
} 

tcp { 

    upstream websockets { 
     ## Play! WS location 
     server 127.0.0.1:9000; 
    }  

    server { 
     listen 80; 
     listen 8000; 
     server_name socket.domain.com; 

     tcp_nodelay on; 
     proxy_pass websockets; 
     proxy_send_timeout 300; 
    } 

    # virtual hosting 
    #include /usr/local/nginx/vhosts/*; 
} 

http { 

    server { 
     listen 443 ssl; 
     server_name socket.artoo.in; 

     ssl_certificate  /usr/local/nginx/key/socket.domain.com.crt; 
     ssl_certificate_key /usr/local/nginx/key/socket.domain.com.key; 

     ssl_session_timeout 5m; 

     ssl_protocols SSLv2 SSLv3 TLSv1; 
     ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; 
     ssl_prefer_server_ciphers on; 

     location/{ 
      proxy_pass http://127.0.0.1:9000; 
     } 
    } 
} 

在服務器上http://socket.domain.comhttps://socket.domain.com,WS訪問://socket.domain.com但不是WSS://socket.domain.com

回答

3

我已經至少解決了它通過使用stunnel短期(指這篇文章:http://www.darkcoding.net/software/proxy-socket-io-and-nginx-on-the-same-port-over-ssl/)。

Stunnel可以將HTTPS轉換爲HTTP,並通過該令牌將WSS轉換爲WS。 Nginx的服務於9000端口上運行如常插座應用:

/etc/stunnel/stunnel.conf

[https] 
accept = 443 
connect = 80 
TIMEOUTclose = 0 

/usr/local/nginx/conf/nginx.conf

#user nobody; 
worker_processes 1; 

error_log logs/error.log; 
#error_log logs/error.log notice; 
#error_log logs/error.log info; 

#pid  logs/nginx.pid; 

events { 
    worker_connections 1024; 
} 

tcp { 

    upstream websockets { 
     ## Play! WS location 
     server 127.0.0.1:9000; 
     check interval=3000 rise=2 fall=5 timeout=1000; 
    }  

    server { 
     listen 80; 
     listen 8000; 
     server_name socket.artoo.in; 

     tcp_nodelay on; 
     proxy_pass websockets; 
     proxy_send_timeout 300; 

    } 

    # virtual hosting 
    #include /usr/local/nginx/vhosts/*; 
} 

#http { 
# 
# server { 
#  listen 443 ssl; 
#  server_name socket.artoo.in; 
# 
#  ssl_certificate  /usr/local/nginx/key/socket.domain.com.crt; 
#  ssl_certificate_key /usr/local/nginx/key/socket.domain.com.key; 
# 
#  ssl_session_timeout 5m; 
# 
#  ssl_protocols SSLv2 SSLv3 TLSv1; 
#  ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; 
#  ssl_prefer_server_ciphers on; 
# 
#  location/{ 
#   proxy_pass http://127.0.0.1:9000; 
#  } 
# } 
#} 

現在我唯一需要擔心的是如何增加nginx上websockets的超時時間,連接似乎每隔75秒(nginx的默認值)突破。

+0

如何解決這個超時問題?比將超時設置爲龐大的數字更優雅嗎? –