主要看 location 中的,注意:
- proxy_read_timeout,默认是 60s,如果不设置长一点,会看到
websocket server收到大量请求;然后从浏览器看,前端每分钟都在创建新的websocket连接;详见:http://nginx.org/en/docs/http/websocket.html - 如果用 uvicorn,nginx 不能开启
keepalive,否则websocket server会报WARNING: Invalid HTTP request received.
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream backend {
server ws-backend:8000;
# keepalive 256; # uvicorn bug: https://github.com/encode/uvicorn/issues/344
}
server {
listen 443 ssl;
server_name YOUR-DOMAIN;
# gzip
gzip on;
gzip_proxied any;
gzip_types text/plain application/javascript application/x-javascript text/javasc
ript text/xml text/css;
gzip_vary on;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
# ssl
ssl_certificate /etc/nginx/ssl/cert.cer;
ssl_certificate_key /etc/nginx/ssl/key.pem;
ssl_trusted_certificate /etc/nginx/ssl/cert.cer;
keepalive_requests 512;
location / {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
# By default, the connection will be closed if the proxied server does not
# transmit any data within 60 seconds.
proxy_read_timeout 3600s;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_redirect off;
proxy_pass http://backend;
}
}