nginx as proxy for wss - nginx

real address => https://wssserver1/wss/
Only test1 able to access, try using proxy_pass for other testX able to browse wssserver1.
When I open it from test2
https://test1/wssserver1, it manage to update the header name but nothing appear.
error log show it direct wss path to localhost instead of wssserver1
/var/www/html/wss/ is not found.
My nginx config
test 1 nginx config
location /wssserver1 {
proxy_buffers 8 32k;
proxy_buffer_size 64k;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Client-Verify SUCCESS;
proxy_set_header Host $proxy_host;
proxy_set_header X-NginX-Proxy true;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_pass https://wssserver1/;
proxy_redirect off;
proxy_buffering off;
proxy_read_timeout 999999999;
}

Related

Websockets in NGINX not working with server with internet proxy: Error: No pong received in 3 seconds

I was trying to host flask application in NGINX which uses websockets.
It is working fine with the servers which do not use any proxy servers.
When it is hosted in a server that passes requests to proxy servers, client does not receive any message sent via websocket.
Initially none of the external API calls were working which started working when I added environ variable http_proxy and https_proxy for the service.
But the socket is still not working.
Got error: "no pong received in 3 seconds" in the server when trying to connect to websocket
This is what I get in browser
The following is the nginx configuration.
log_format upstreamlog '$server_name to: $upstream_addr [$request] '
'upstream_response_time $upstream_response_time '
'msec $msec request_time $request_time';
upstream socket_nodes {
ip_hash;
server 127.0.0.1:4000;
server 127.0.0.1:4001;
server 127.0.0.1:4002;
}
server {
listen 80;
listen [::]:80;
access_log /var/log/nginx/access.log upstreamlog;
add_header Strict-Transport-Security max-age=15768000;
location /static/* {
alias /file_path;
}
location / {
include uwsgi_params;
proxy_pass http://socket_nodes;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header Front-End-Https on;
proxy_buffer_size 16k;
proxy_busy_buffers_size 16k;
}
location /socket.io {
proxy_pass http://socket_nodes/socket.io;
proxy_http_version 1.1;
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
Try changing the socket configuration as below,
location /socket.io {
proxy_pass http://socket_nodes/socket.io;
proxy_http_version 1.1;
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $proxy_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}

Nginx Basic authentification for an upstream location

i am trying to get a basic authentification in an nginx conf for an upstream.
location /movies/ {
rewrite /movies/(.*)$ /$1 break;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_redirect off;
proxy_buffering off;
proxy_pass http://jd2movies;
auth_basic "Administrator Login";
auth_basic_user_file /root/.htpasswd;
}
but i get an "500 Internal Server Error"
How can i achieve this to get it working?
Thanks

How to forward web-socket request to microservice using nginx

I wanted to forward the web-socket request to microservice using nginx.
I am hitting https://some-host/download-zip-service/downloadFile
By this, the calls are landing on download-zip-service and downloadFile API get the call.
in downloadFile I am using the socket to forward the request to microservice
but when I tried to call socket API from download-zip-service
I do something like var socket = io('https://some-host/download-zip-service/');
the calls are directly landing on
wss://some-host/socket.io/?EIO=3&transport=websocket&sid=12345678
instead of https://some-host/download-zip-service/socket.io/?EIO=3&transport=websocket&sid=12345678
as a reason, I explicitly added the root / path for download-zip-service.
Below is my NGINX.conf file
worker_processes 4;
events { worker_connections 1024; }
http {
sendfile on;
upstream download-zip-service {
server xx.xx.xx.xx:9012;
}
server {
listen 8765;
#Changed for implementing WEB Socket
location / {
proxy_pass http://download-zip-service/;
proxy_redirect off;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Host $server_name;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
#new property added
proxy_request_buffering off;
proxy_buffering off;
}
location /download-zip-service/ {
proxy_pass http://download-zip-service/;
proxy_redirect off;
# proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# proxy_set_header X-Forwarded-Host $server_name;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
#socket timeout setting added
fastcgi_read_timeout 7200s;
send_timeout 7200s;
proxy_connect_timeout 7200s;
proxy_send_timeout 7200s;
proxy_read_timeout 7200s;
#new property added
proxy_request_buffering off;
proxy_buffering off;
}
}
}
I want to remove the root / path for download-zip-service.
and it should work with /download-zip-service/
Please let me know where I am doing mistake

Does nginx supports websocket with binary

I'm testing nginx by sending binary data(byte[]) using websocket connection and it doesn't work correctly. I used the following settings.
server {
listen 80;
client_max_body_size 2G;
server_name oracleapps.veeralab.com;
location / {
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_read_timeout 84600s;
proxy_send_timeout 84600s;
proxy_buffering off;
proxy_ignore_client_abort off;
proxy_pass http://localhost:8080;
}
}

Nginx proxy pass append request parameter to upstream

Here is my site conf -
upstream demo {
server server1:31337;
server server2:31338;
server server3:31339;
server server4:31340;
keepalive 64;
}
server {
listen 80;
server_name www.site.org;
rewrite ^ https://$server_name$request_uri? permanent;
location / {
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_cache one;
proxy_cache_key sfs$request_uri$scheme;
proxy_pass http://demo;
}
}
I want when I open www.site.org it should proxy pass to any of the upstream server as server2:31337/mysite
How do I append /mysite request paramater ?
Can you try this
location / {
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_cache one;
proxy_cache_key sfs$request_uri$scheme;
rewrite ^(.*)$ /mysite$1 break;
proxy_pass http://demo;
}

Resources