-
Notifications
You must be signed in to change notification settings - Fork 0
Notes about the socket server
Michael Whittaker edited this page Nov 30, 2016
·
1 revision
You might not want to only use the ruby webserver, so you can put a reverse proxy like NGINX (> 1.3) in front of it. Using this, you can also enable SSL and non SSL connections handled by the webserver:
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name websocket.example.com;
ssl_certificate /path/to/your/certificate.pem;
ssl_certificate_key /path/to/your/private.key;
ssl_session_timeout 120m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1:8888; # faye usually runs on this port. for multiple nodes use ip_hash style.
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server { # you can skip this section if you only want HTTPS-websockets
listen 80;
listen [::]:80;
server_name websocket.example.com;
location / {
proxy_pass http://127.0.0.1:8888;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
# put the following in the http {} section of your nginx.conf
# map $http_upgrade $connection_upgrade {
# default upgrade;
# '' close;
# }