rgordeev · January 21, 2019 10:47
diff --git a/nginx.conf b/nginx.conf
 # First configure reverse proxy before server,
 # that will transfer WSS inbound traffic to unsecure local server, namely:
 server {
  # This is your reqular configuration for SSL connections to website
  # Set port to listen ssl connections
  listen 443 ssl;
  # Set hosts names to handle
  server_name example.com www.example.com

  # Set sertificate configuration
  ssl_certificate_key /etc/ssl/private/example.com.key;
  ssl_certificate /etc/ssl/private/example.com.crt.fullchain;
  ssl_protocols TLSv1.2;
  ssl_ciphers EECDH+AESGCM: EDH+AESGCM:AES2;

  # ...
  # Some other required instructions
  # ...

  # Add additional "location" section for Websockets requests handling
  location /ws {
    # redirect all traffic to localhost:8080;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-NginX-Proxy true;
    proxy_set_header X-Forwarded-Proto $scheme;

    # proxy requests to localhost 8080 port
    proxy_pass http://127.0.0.1:8080/;
    # turn inner redirects off
    proxy_redirect off;
    # set timeout to read proxy server response
    proxy_read_timeout 86400;

    # enables WS support
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";

    # prevents 502 bad gateway error
    proxy_buffers 8 32k;
    proxy_buffer_size 64k;
    # allow to reset connections on timeout
    reset_timedout_connection on;
    # configure access and error logs for ws connections
    error_log /var/log/nginx/wss_error.log;
    access_log /var/log/nginx/wss_access.log;
  }

  # ...
  # configure access and error logs for whole server
  error_log /var/log/nginx/https_error.log;
  access_log /var/log/nginx/https_access.log;
 }
	# First configure reverse proxy before server,
	# that will transfer WSS inbound traffic to unsecure local server, namely:
	server {
	# This is your reqular configuration for SSL connections to website
	# Set port to listen ssl connections
	listen 443 ssl;
	# Set hosts names to handle
	server_name example.com www.example.com

	# Set sertificate configuration
	ssl_certificate_key /etc/ssl/private/example.com.key;
	ssl_certificate /etc/ssl/private/example.com.crt.fullchain;
	ssl_protocols TLSv1.2;
	ssl_ciphers EECDH+AESGCM: EDH+AESGCM:AES2;

	# ...
	# Some other required instructions
	# ...

	# Add additional "location" section for Websockets requests handling
	location /ws {
	# redirect all traffic to localhost:8080;
	proxy_set_header Host $http_host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-NginX-Proxy true;
	proxy_set_header X-Forwarded-Proto $scheme;

	# proxy requests to localhost 8080 port
	proxy_pass http://127.0.0.1:8080/;
	# turn inner redirects off
	proxy_redirect off;
	# set timeout to read proxy server response
	proxy_read_timeout 86400;

	# enables WS support
	proxy_http_version 1.1;
	proxy_set_header Upgrade $http_upgrade;
	proxy_set_header Connection "upgrade";

	# prevents 502 bad gateway error
	proxy_buffers 8 32k;
	proxy_buffer_size 64k;
	# allow to reset connections on timeout
	reset_timedout_connection on;
	# configure access and error logs for ws connections
	error_log /var/log/nginx/wss_error.log;
	access_log /var/log/nginx/wss_access.log;
	}

	# ...
	# configure access and error logs for whole server
	error_log /var/log/nginx/https_error.log;
	access_log /var/log/nginx/https_access.log;
	}