node.js – 带有NGINX和https2的Socket.io

我有node.js应用程序,由NGINX提供服务.我无法连接socket.io并继续获取404请求建立连接的POST请求.

它在本地工作,因此它必须是NGINX问题.

  # HTTP - redirect all requests to HTTPS:
  server {
     listen 80;
     listen [::]:80;
     return 301 https://$host$request_uri;
  }
  # HTTPS - proxy requests on to local Node.js app:
  server {
     listen 443 ssl http2;
     server_name example.com;
     ssl on;
     ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
     ssl_session_timeout 5m;
     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
     ssl_prefer_server_ciphers on;
     ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
     location / {
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-NginX-Proxy true;
        proxy_set_header X-Forwarded-Proto https;
        proxy_pass http://127.0.0.1:8080;
        proxy_ssl_session_reuse off;
        proxy_set_header Host $http_host;
        proxy_cache_bypass $http_upgrade;
        proxy_redirect off;
     }
}

谢谢你的帮助.

最佳答案 由于Websockets正在使用HTTP 1.1中引入的Upgrade头,因此您需要在路由中专门使用此协议并将Connection头设置为要升级.

您还需要指定具有唯一名称的proxy_pass指令.

你的配置会是这样的:

upstream sockets {
  server localhost:8080;
}

# HTTP - redirect all requests to HTTPS:
server {
  listen 80;
  listen [::]:80;
  return 301 https://$host$request_uri;
}

# HTTPS - proxy requests on to local Node.js app:
server {
     listen 443 ssl http2;
     server_name example.com;
     ssl on;
     ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
     ssl_session_timeout 5m;
     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
     ssl_prefer_server_ciphers on;
     ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

     location / {

        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-NginX-Proxy true;
        proxy_set_header X-Forwarded-Proto https;
        proxy_set_header Host $host;

        proxy_pass http://sockets;

        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $http_host;

        proxy_http_version 1.1;
        proxy_ssl_session_reuse off;
        proxy_cache_bypass $http_upgrade;
        proxy_redirect off;
     }

}
点赞