1. 首页
  2. 问答
  3. Socket.io与NGINX和https2

Socket.io与NGINX和https2

2017-05-30 143 views
4

我有node.js应用程序,它是由NGINX服务。我无法连接socket.io,并继续获取404请求建立连接的POST请求。Socket.io与NGINX和https2

它的工作在本地,所以它必须是一个NGINX问题。

# HTTP - redirect all requests to HTTPS: 
    server { 
    listen 80; 
    listen [::]:80; 
    return 301 https://$host$request_uri; 
    } 
    # HTTPS - proxy requests on to local Node.js app: 
    server { 
    listen 443 ssl http2; 
    server_name example.com; 
    ssl on; 
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; 
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; 
    ssl_session_timeout 5m; 
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
    ssl_prefer_server_ciphers on; 
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; 
    location/{ 
     proxy_set_header X-Real-IP $remote_addr; 
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
     proxy_set_header X-NginX-Proxy true; 
     proxy_set_header X-Forwarded-Proto https; 
     proxy_pass http://127.0.0.1:8080; 
     proxy_ssl_session_reuse off; 
     proxy_set_header Host $http_host; 
     proxy_cache_bypass $http_upgrade; 
     proxy_redirect off; 
    } 
}

感谢您的任何帮助。

来源

2017-05-30 Matej Maloča

+0

哪个nginx的版本,您正在使用?它可能还不支持HTTP2。 – Nevertheless

+0

这是最新版本。 HTTP2工作正常,这对于socekts的NGINX配置是一个问题。 –

+0

你是否已经初始化了socket.io并设置为这样听: var io = app.io; io.listen(服务器); ? – iubema

回答

0

看一看NGINX文档。

https://www.nginx.com/blog/websocket-nginx/

enter chttp { 
map $http_upgrade $connection_upgrade { 
    default upgrade; 
    '' close; 
} 

upstream websocket { 
    server 192.168.100.10:8010; 
} 

server { 
    listen 8020; 
    location/{ 
     proxy_pass http://websocket; 
     proxy_http_version 1.1; 
     proxy_set_header Upgrade $http_upgrade; 
     proxy_set_header Connection $connection_upgrade; 
    } 
}

}

来源

2017-05-30 13:28:43 Marc

+0

请您详细说明一下,我是NGINX的新手。谢谢 –

1

由于WebSockets的使用Upgrade头在HTTP 1.1推出,你需要在你的路线专门使用这种协议和Connection头设置为upgrade

您还需要一个独特的名字指定proxy_pass指令。

你的配置是这样的事情:

upstream sockets { 
    server localhost:8080; 
} 

# HTTP - redirect all requests to HTTPS: 
server { 
    listen 80; 
    listen [::]:80; 
    return 301 https://$host$request_uri; 
} 

# HTTPS - proxy requests on to local Node.js app: 
server { 
    listen 443 ssl http2; 
    server_name example.com; 
    ssl on; 
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; 
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; 
    ssl_session_timeout 5m; 
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
    ssl_prefer_server_ciphers on; 
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH'; 

    location/{ 

     proxy_set_header X-Real-IP $remote_addr; 
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
     proxy_set_header X-NginX-Proxy true; 
     proxy_set_header X-Forwarded-Proto https; 
     proxy_set_header Host $host; 

     proxy_pass http://sockets; 

     proxy_set_header Upgrade $http_upgrade; 
     proxy_set_header Connection "upgrade"; 
     proxy_set_header Host $http_host; 

     proxy_http_version 1.1; 
     proxy_ssl_session_reuse off; 
     proxy_cache_bypass $http_upgrade; 
     proxy_redirect off; 
    } 

}

来源

2017-06-03 19:03:26

+0

感谢您的努力。我会尽快尝试并提供反馈。 –

+0

我的其他API调用不应该是'http://127.0.0.1:8080'上的'proxy_pass',所以可以有多个位置?一个位置处理socets和一个正常请求? –

+0

就像套接字一样,您可以将上游重命名为不同于“套接字”的东西,以便像“网站”那样更加连贯。这也是我使用的;) –

相关问题

 相关问题