Nginx 如何反代 wss 连接?

查看 17|回复 0
作者:Llesue   
我当前的设置时这样的,抄了很多教程,但是不懂原理感觉抄也是白抄,不管用。
server {
        listen 86;
        server_name box.example.com file.example.com files.example.com pan.example.com;
        if ($scheme = http){
                return 301 https://$server_name:88$request_uri;
        }
}
map $http_upgrade $connection_upgrade {
        default upgrade;
        '' close;
}
server {
    listen 88 ssl http2;
    server_name box.example.com;
    error_page 497 301 =307 https://$host:$server_port$request_uri;
    ssl_certificate /etc/letsencrypt/live/box.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/box.example.com/privkey.pem;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 8.8.8.8 8.8.4.4 valid=300s;
    resolver_timeout 5s;
    location / {
        proxy_pass http://localhost:8687;
        proxy_set_header HOST $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-NginX-Proxy true;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "";
        proxy_max_temp_file_size 0;
        proxy_read_timeout 500s;
        proxy_connect_timeout 600;
        proxy_send_timeout 240;
    }
    location /api/command/ {
        proxy_pass http://localhost:8687;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}
您需要登录后才可以回帖 登录 | 立即注册

返回顶部