I'm getting this error for actioncable when I switched my site to https:
WebSocket connection to 'wss://domain.com/cable' failed: Error during
WebSocket handshake: Unexpected response code: 404
The https site works fine, but I get a 404 for the websocket address. My current setup has the SSL terminate at the ELB and nginx redirect http to https. I run actioncable together with my rail server, not as a standalone.
How would I set up secure websockets in ?
Here is my nginx conf file
upstream puma {
server unix://var/run/server.sock;
}
server {
listen 80;
server_name default_server;
root /var/www/apps/server/public;
location /cable {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_pass http://puma;
}
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_next_upstream error;
if ($http_x_forwarded_proto != "https") {
rewrite ^(.*)$ https://$host$1 permanent;
}
proxy_pass http://puma;
...
}
And here is the configuration on ELB:
ELB Listeners
Fixed similar error (404 in actioncable /cable) in my setup like this
location /cable {
proxy_pass http://unix:/home/app/shared/tmp/puma/socket;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $host:$server_port;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 86400;
}
so add same proxy_set_header as you have in the other location (X-Real-IP etc)
Related
My setup is the following
location / {
proxy_set_header Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol https;
proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Url-Scheme https;
proxy_set_header Front-End-Https on;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Accel-Internal /internal-nginx-static-location;
access_log off;
proxy_pass http://127.0.0.1:5000;
}
Behind nginx i am running a docker container with an aspnet core application. But this application thinks it runs using schema http instead of https.
The aspnet core application has been setup using
options.ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;
and
app.UseForwardedHeaders
So the application is available via ssl but as soon as i try to login, the secured cookies are not transfered to client and the proxy ends in an incorrect state (bad gateway). The login in the application itself was successful (in the logs the result is fine) but the nginx seems unable to bring the response to the client.
Some faced a similar issue?
I am trying to deploy my app with vue.js as frontend and fastapi as backend. But I am having issue when deploy the app on the cloud. I have nginx configure like below.
I am binding backend to port 8080 and frontend to 8000. But with this configuration, I can only see my frontend page. The backend api is not respond. Can anyone show me how to fix it?
server {
listen 80;
server_name example.com;
charset utf-8;
root vis/dist;
index index.html index.htm;
location /api/ {
proxy_pass http://127.0.0.1:8000;
}
location / {
proxy_pass http://localhost:8080;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_redirect off;
proxy_connect_timeout 90s;
proxy_read_timeout 90s;
proxy_send_timeout 90s;
}
error_log /var/log/nginx/vue-app-error.log;
access_log /var/log/nginx/vue-app-access.log;
}
I have a domain configured with nginx proxy to route like this:
mydomain.com -> localhost:3000
But now, I want a particular subdomain, to point to something like this:
subdomain.mydomain.com -> localhost:3000/mypage
Tried several things but I can't make it work:
server {
listen 80;
server_name subdomain.mydomain.com;
server_tokens off;
proxy_hide_header X-Powered-By;
location /healthcheck {
access_log off;
proxy_pass http://localhost:3000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_cache_bypass $http_upgrade;
}
# NGINX will reject anything not matching /
location ~ /(?<section>.+)/ {
# Reject requests with unsupported HTTP method
if ($request_method !~ ^(GET|POST|HEAD|OPTIONS|PUT|DELETE)$) {
return 405;
}
# Only requests matching the whitelist expectations will
# get sent to the application server
proxy_pass http://localhost:3000/mypage/$section;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_cache_bypass $http_upgrade;
}
}
Hi guys i am having a problem with nginx, i have configure phpmyadmin to run with nginx phpmyadmin is configured to run on port 8080. I access phpmyadmin via localhost/phpmyadmin and it give me the proper login screen below.
phpmyadmin login screen
after login the url on the address bar changes to the configure port from localhost/phpmyadmin to localhost:8080/phpmyadmin and it throws
error message
here is my nginx configuration:
server{
listen 443 ssl;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_certificate /etc/certificate/live/localhost/permission.pem;
ssl_certificate_key /etc/certificate/live/localhost/privkey.pem;
include /etc/certificate/live/localhost/ssl-nginx.conf;
access_log /var/log/nginx/apache2-access.log;
error_log /var/log/nginx/apache2-error.log;
location /phpmyadmin{
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header Host $http_host;
proxy_set_header X-Ssl on;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8080/phpmyadmin;
proxy_redirect off;
}
}
Thanks in advance.
You should not be using proxy_redirect off;. You want to change the redirects
location /phpmyadmin{
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header Host $http_host;
proxy_set_header X-Ssl on;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8080/phpmyadmin;
proxy_redirect http://127.0.0.1:8080/ $scheme://$host/;
proxy_redirect http://localhost:8080/ $scheme://$host/;
proxy_cookie_domain 127.0.0.1 $host;
proxy_cookie_domain localhost $host;
}
And you also want to setup the cookie so login works
I am configuring SSL on kurento using nginx on frontend. But my webSocket connection break after 4 minutes. Here is my nginix conf inside sites-enabled.
server {
listen 443;
#host name to respond to
server_name ****.com;
# your SSL configuration
ssl on;
ssl_certificate /etc/letsencrypt/live/****.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/****.com/privkey.pem;
location / {
# redirect all HTTP traffic to localhost:8080
proxy_pass https://localhost:8443;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 86400s;
proxy_read_timeout 86400s;
keepalive_timeout 0;
# WebSocket support (nginx 1.4)
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}