2

I have browser and server on ip-address a.b.c.d Now I have 2 possible URLs to server:

  1. Through Nginx from browser

    browser -> https://a.b.c.d/ -> server

  2. Through WSS from javascript

    browser -> wss://a.b.c.d:10062 -> server

So, server listnes on 443 (nginx), and some other application on 10062. I want to change second connection to the same port (443):

browser -> wss://a.b.c.d/someurl -> server

So Is it possible to proxy in nginx to a.b.c.d:10062, something like this:

server {
    listen 80;
    listen 443 ssl;
    ssl_certificate /path/to/crt/for/https;
    ssl_certificate_key /path/to/key/for/https;

    server_name a.b.c.d;

    location /someurl  {             
        -->> What to write here to create redirect for wss://a.b.c.d:10062 ?  << --
    }

    # the other locations here ('/', etc)
    # ... 
    # ...
 }

I tried next:

map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

location /someurl {
    proxy_pass http://127.0.0.1:10062;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
}

But when go to https://a.b.c.d/someurl for test it shows

2015/12/14 16:12:51 [error] 371#0: *113 connect() failed (111: Connection refused) 
while connecting to upstream, client: my_ip, server: a.b.c.d, request: "GET /someurl HTTP/1.1", 
upstream: "http://127.0.0.1:10062/someurl", host: "a.b.c.d"

BUT!: Netstat shows this:

sudo netstat -tnlp | grep :10062
tcp        0      0 a.b.c.d:10062          0.0.0.0:*                   LISTEN      5702/webrtc2sip

So seems like I need specify a.b.c.d instead of 127.0.0.1, so I tried

location /someurl {
    proxy_pass http://a.b.c.d:10062;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
}

Result:

2015/12/14 16:54:11 [error] 13189#0: *123 recv() failed (104: Connection reset by peer) 
while reading response header from upstream, 
client: my_ip, server: a.b.c.d, request: "GET /someurl HTTP/1.1", upstream: "http://a.b.c.d:10062/someurl", host: "a.b.c.d"

Ok. I trunketed someurl when passing to proxy:

location = /someurl {
    return 302 /someurl/;
}

location /someurl/ {
      proxy_pass http://a.b.c.d:10062/;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection $connection_upgrade;
}

Now when I go to https://a.b.c.d/someurl or https://a.b.c.d/someurl/, it shows:

2015/12/14 17:14:45 [error] 15836#0: *70 recv() failed (104: Connection reset by peer) 
while reading response header from upstream, client: my_ip, server: a.b.c.d, request: "GET /someurl/ HTTP/1.1", upstream: "http://a.b.c.d:10062/", host: "a.b.c.d"

Why it shows upstream: "http://a.b.c.d:10062/"? Should not it show "wss://a.b.c.d:10062/"?

Ivan Borshchov
  • 133
  • 1
  • 10
  • See [this document](http://nginx.org/en/docs/http/websocket.html). – Richard Smith Dec 14 '15 at 12:46
  • 1
    Sorry, I edited question, now error is "Connection reset by peer", error "Connection refused" was wrong because application was listen on a.b.c.d:10062, not on 127.0.0.1:10062. Can question be unmarked as duplicate? – Ivan Borshchov Dec 14 '15 at 14:59
  • Flag the question to get an admin consider your request. I don't think admins are notified that you added a comment to this question. – Déjà vu Dec 14 '15 at 15:27

1 Answers1

2

To answer your question:

"Why it shows upstream: "http://a.b.c.d:10062/"? Should not it show "wss://a.b.c.d:10062/"?"

Nginx displays the URI that way because that's how it's provided in the configuration:

proxy_pass http://a.b.c.d:10062;

I don't think that detail is an indicator of your problem, since it seems you've followed the recommended syntax for using Nginx as a WebSocket proxy.

Mark Stosberg
  • 3,771
  • 23
  • 27