upstream timed out (110: Connection timed out) while reading response header from upstream nginx in nodejs project - nginx-reverse-proxy

While I had not connected this server to Domain or integrated SSL, it was working fine, as soon as I implemented the SSL it started throwing error.
Here is my server block - sites-available - config.
server{
server_name demo.example.com;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:3002; (I have used just proxy_pass in one config and still had the problem so added this set header)
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade"; (I have tried with just "" but it didnt work)
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_send_timeout 300;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/demo.example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/demo.example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server{
if ($host = demo.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name demo.example.com;
return 404; # managed by Certbot
}

Related

Expressjs + Peerjs + nginx : Unable to connect to Peerjs server

I am working on building videoapp using expressjs, peerjs. I am getting the below error while connecting to peerjs server. The app is running behind a proxy server (nginx). The code works fine in my local machine (I am not using proxy server while testing in my local).
`GET https://<servername>/peerjs/id?ts=16228299262200.9619575641336071 404 (Not Found)`
I am getting the result when I do "https://<servername>/peerjs". I assume the I am able to connect to peerjs server. I do not understand why I am getting the above error.
{"name":"PeerJS Server","description":"A server side element to broker
connections between PeerJS clients.","website":"https://peerjs.com/"}
I am combining peerjs along expressjs
const ExpressPeerServer = require('peer').ExpressPeerServer;
const peerServer = ExpressPeerServer(server, {
debug: true,
proxied:true,
});
app.use('/peerjs', peerServer);
Client side code
let myPeer = new Peer({host :'servername',secure:true})
Below is the configuration for nginx
server {
server_name <server_name>;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/<server_name>/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/<server_name>/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = <server_name>) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name <server_name>;
return 404; # managed by Certbot
}
PS: I am new to nodejs and nginx. I feel I am missing something very basic that I am not able to figure it out.

Hi in your nginx config file add /peerjs in proxy_pass . So your location block should look something like
location / {
proxy_pass http://localhost:3000/peerjs;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}

How to configure Websocket secure (wss) on a Nginx node server?

I tried to configure a Websocket proxy on my Nginx server, but unfortunately, I don't get it working. I have read various forms but cannot get out of it. I think it has something to do between the client connection to the server. Local om my pc is everything working fine
client code:
var port = new osc.WebSocketPort({
url: "wss://circusfamilyprojects.nl/"
});
server code:
var wss = new WebSocket.Server({
port: 8083
});
This is my configuration in Nginx
# custom code for hop by hop headers
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
#custom code for connection with websocket this is the port on the server
upstream websocket {
server 178.62.209.37:8083;
}
server {
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/circusfamilyprojects.nl/fullchain.pem; # managed by Cert$
ssl_certificate_key /etc/letsencrypt/live/circusfamilyprojects.nl/privkey.pem; # managed by Ce$
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
root /var/www/html/vue/cfdomotica/server/public;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name circusfamilyprojects.nl www.circusfmailyprojects.nl; # managed by Certbot
location / {
proxy_pass http://websocket;
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass_request_headers on;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
server {
if ($host = www.circusfamilyprojects.nl) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = circusfamilyprojects.nl) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 8080 ;
listen [::]:8080 ;
server_name circusfamilyprojects.nl;
return 404; # managed by Certbot
}
In my browser I get the message "Status Code: 426 Upgrade Required" I hope someone can help me, thanks in advance!

I solved it my self by separating a server block for port 443 and a server block for the WebSocket client. I did the server block for the client on port 8086.

Certbot Redirection of HTTP to HTTPS from Nginx is not working

I'm setting ssl server on Nginx with proxy_pass to apache.
The code was recreated by certbot and is not working. I can't find out what's wrong.
I've also tried to replace $host by $server_name and other suggestions from forum with no success.
server {
server_name biofit.blog www.biofit.blog;
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/gekko.winsum.ws/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/gekko.winsum.ws/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
proxy_buffers 8 32k;
proxy_buffer_size 64k;
proxy_pass http://biofit.blog:81;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 86400s;
proxy_send_timeout 86400s;
}
}
server {
if ($host = www.biofit.blog) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = biofit.blog) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name biofit.blog www.biofit.blog;
return 404; # managed by Certbot
}
The expected output of ssl should pass to apache running on port 81, but not:
ERR_TOO_MANY_REDIRECTS

it's not recommended to use if statement
try this:
server {
listen 80;
listen [::]:80;
server_name biofit.blog www.biofit.blog;
rewrite ^ https://$server_name$request_uri? permanent;
return 404; # managed by Certbot
}

Endless redirect loop with SSL nginx configuration

I configured some basic proxies and then ran certbot. It endlessly redirects me, unfortunately.
I have tried numerous solutions to no avail. Is there something wrong with the other these server blocks are in? Any help would be much appreciated.
server {
server_name www.example.com;
return 301 https://example.com$request_uri;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
server_name example.com; # managed by Certbot
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
location / {
proxy_pass http://localhost:3000/;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
proxy_set_header Host $host;
}
location /api/ {
proxy_pass http://localhost:8000/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
server {
listen 80;
listen [::]:80 default_server;
return 302 https://$host$request_uri;
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name www.example.com;
listen 80;
return 404; # managed by Certbot
}

Try:
server {
listen 80;
listen [::]:80 default_server;
server_name www.example.com example.com;
return 302 https://$host$request_uri;
}
server {
server_name www.example.com example.com; # managed by Certbot
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
location / {
proxy_pass http://localhost:3000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
proxy_set_header Host $host;
}
location /api/ {
proxy_pass http://localhost:8000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}

Website won't work after ssl installation

My website was working properly before I installed the ssl certificate. However, once it was installed, my website stopped working. Nginx starts fine as usual, and I get no errors, but the website just doesn't work. Here's my code for nginx config:
server {
listen 80;
server_name www.example.com; (example is replaced with my domain name in code)
location / {
rewrite ^ https://$server_name$request_uri permanent;
}
}
server {
listen 443 ssl;
server_name www.example.com;
ssl_certificate /etc/nginx/ssl/example_com/ssl-bundle.crt;
ssl_certificate_key /etc/nginx/ssl/example_com/example.key;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://xxx.xx.xx.xxx:8004;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}