Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
# File: /etc/nginx/sites-available/osrf-proxy-443 (symlink to sites-enabled)
# NOTE: The certificate in /etc/apache2/ssl/* has to be trusted by
# Chrome or websockets proxying will fail. Clicking through the
# SSL warning was not enough to make it succeed.
server {
listen 443;
ssl on;
ssl_certificate /etc/apache2/ssl/server.crt;
ssl_certificate_key /etc/apache2/ssl/server.key;
location / {
# Configure Apache to listen on 4443 instead of 443.
proxy_pass https://localhost:4443;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /osrf-websocket-translator {
# Modify opensrf_ws.js and set: var WEBSOCKET_PORT_SSL = 443
# Proxy WS connections internally w/o SSL.
proxy_pass http://localhost:7680;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Raise the default nginx proxy timeout values to an arbitrarily
# high value so that we can leverage osrf-websocket-translator's
# timeout settings.
proxy_connect_timeout 5m;
proxy_send_timeout 1h;
proxy_read_timeout 1h;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.