1. 首頁
  2. 問答
  3. Socket.io與NGINX和https2

Socket.io與NGINX和https2

2017-05-30 54 views
4

我有node.js應用程序,它是由NGINX服務。我無法連接socket.io,並繼續獲取404請求建立連接的POST請求。Socket.io與NGINX和https2

它的工作在本地,所以它必須是一個NGINX問題。

# HTTP - redirect all requests to HTTPS: 
    server { 
    listen 80; 
    listen [::]:80; 
    return 301 https://$host$request_uri; 
    } 
    # HTTPS - proxy requests on to local Node.js app: 
    server { 
    listen 443 ssl http2; 
    server_name example.com; 
    ssl on; 
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; 
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; 
    ssl_session_timeout 5m; 
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
    ssl_prefer_server_ciphers on; 
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; 
    location/{ 
     proxy_set_header X-Real-IP $remote_addr; 
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
     proxy_set_header X-NginX-Proxy true; 
     proxy_set_header X-Forwarded-Proto https; 
     proxy_pass http://127.0.0.1:8080; 
     proxy_ssl_session_reuse off; 
     proxy_set_header Host $http_host; 
     proxy_cache_bypass $http_upgrade; 
     proxy_redirect off; 
    } 
}

感謝您的任何幫助。

來源

2017-05-30 Matej Maloča

+0

哪個nginx的版本,您正在使用?它可能還不支持HTTP2。 – Nevertheless

+0

這是最新版本。 HTTP2工作正常,這對於socekts的NGINX配置是一個問題。 –

+0

你是否已經初始化了socket.io並設置爲這樣聽: var io = app.io; io.listen(服務器); ? – iubema

回答

0

看一看NGINX文檔。

https://www.nginx.com/blog/websocket-nginx/

enter chttp { 
map $http_upgrade $connection_upgrade { 
    default upgrade; 
    '' close; 
} 

upstream websocket { 
    server 192.168.100.10:8010; 
} 

server { 
    listen 8020; 
    location/{ 
     proxy_pass http://websocket; 
     proxy_http_version 1.1; 
     proxy_set_header Upgrade $http_upgrade; 
     proxy_set_header Connection $connection_upgrade; 
    } 
}

}

來源

2017-05-30 13:28:43 Marc

+0

請您詳細說明一下,我是NGINX的新手。謝謝 –

1

由於WebSockets的使用Upgrade頭在HTTP 1.1推出,你需要在你的路線專門使用這種協議和Connection頭設置爲upgrade

您還需要一個獨特的名字指定proxy_pass指令。

你的配置是這樣的事情:

upstream sockets { 
    server localhost:8080; 
} 

# HTTP - redirect all requests to HTTPS: 
server { 
    listen 80; 
    listen [::]:80; 
    return 301 https://$host$request_uri; 
} 

# HTTPS - proxy requests on to local Node.js app: 
server { 
    listen 443 ssl http2; 
    server_name example.com; 
    ssl on; 
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; 
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; 
    ssl_session_timeout 5m; 
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
    ssl_prefer_server_ciphers on; 
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; 

    location/{ 

     proxy_set_header X-Real-IP $remote_addr; 
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
     proxy_set_header X-NginX-Proxy true; 
     proxy_set_header X-Forwarded-Proto https; 
     proxy_set_header Host $host; 

     proxy_pass http://sockets; 

     proxy_set_header Upgrade $http_upgrade; 
     proxy_set_header Connection "upgrade"; 
     proxy_set_header Host $http_host; 

     proxy_http_version 1.1; 
     proxy_ssl_session_reuse off; 
     proxy_cache_bypass $http_upgrade; 
     proxy_redirect off; 
    } 

}

來源

2017-06-03 19:03:26

+0

感謝您的努力。我會盡快嘗試並提供反饋。 –

+0

我的其他API調用不應該是'http://127.0.0.1:8080'上的'proxy_pass',所以可以有多個位置?一個位置處理socets和一個正常請求? –

+0

就像套接字一樣,您可以將上游重命名爲不同於「套接字」的東西,以便像「網站」那樣更加連貫。這也是我使用的;) –

相關問題

 相關問題