我使用Nginx作为web主机和代理在同一设备上运行的websocket,监听端口8888.试图找到一种方法让Nginx监听80并将websocket请求转发到内部端口.不将新端口暴露给外部.这有可能吗?
更新:
这是我目前的配置:
error_log /var/log/Nginx/error_log.log warn;
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream websocket {
server localhost:8888;
}
server {
listen 80;
#listen [::]:80 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html/EncoderAdmin;
# Add index.PHP to the list if you are using PHP
index index.PHP index.html index.htm index.Nginx-debian.html;
server_name _;
location / {
# First attempt to serve request as file,then
# as directory,then fall back to displaying a 404.
try_files $uri $uri/ =404;
auth_basic "Restricted Content";
auth_basic_user_file /etc/Nginx/.htpasswd;
}
location /ws {
proxy_pass http://localhost:8888;
proxy_http_version 1.1;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
当我尝试使用ws:// [address] / ws连接到它时,我得到:
与’ws:// [地址] / ws’的WebSocket连接失败:WebSocket握手期间出错:意外响应代码:400
最佳答案
是的,可以假设您可以区分正常的HTTP请求和套接字请求.
原文链接:https://www.f2er.com/nginx/434916.html最简单的解决方案是将套接字uri与位置匹配,例如,对/ ws的所有请求将被重定向到localhost:8888,任何其他URL到localhost:8889.这是配置的一个例子
server {
server_name _;
location /ws {
proxy_pass http://localhost:8888;
# this magic is needed for WebSocket
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
}
location / {
proxy_pass http://localhost:8889;
}
}
您还应该记得将websocket服务器绑定到localhost:8888而不是0.0.0.0:8888.不需要此步骤,但使用它原始端口不会暴露!
