docker 中的 nginx + websocket 代理 + Ratchet

Posted 2023-02-16

【中文标题】docker 中的 nginx + websocket 代理 + Ratchet

【英文标题】：nginx + websocket proxy + Ratchet in docker

【发布时间】：2020-12-11 10:33:06

【问题描述】：

我们有 symfony 应用程序，他们将 Ratchet php 用于 websocket。这个应用程序是一个 docker 容器。 在服务器上，我们使用带有代理的 nginx 来服务 docker app。它适用于 443 中的 http 请求。 但是使用 websocket 我们有错误：failed: Error during WebSocket handshake: Unexpected response code: 502.

你有什么想法吗？

谢谢。

我们的 nginx 配置：

map $http_upgrade $connection_upgrade 
    default upgrade;
    '' close;

 
upstream websocket 
   server 127.0.0.1:8081;


server 
    server_name my-domain.fr;

    location /ws 
        proxy_pass http://websocket;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
        proxy_set_header Host $host;
    
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;
        proxy_read_timeout 86400; # neccessary to avoid websocket timeout disconnect
        proxy_redirect off;
    

    location / 
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_buffer_size          128k;
        proxy_buffers              4 256k;
        proxy_busy_buffers_size    256k;
        proxy_pass http://127.0.0.1:8080;
       

    listen [::]:443 ssl ipv6only=on http2; # managed by Certbot
    listen 443 ssl http2;
    ssl on;
    ssl_certificate /etc/letsencrypt/live/my-domain.fr/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/my-domain.fr/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


server 
    if ($host = my-domain.fr) 
        return 301 https://$host$request_uri;
     # managed by Certbot


    listen 80;
    listen [::]:80;
    server_name my-domain.fr;
    return 404; # managed by Certbot

【参考方案1】：

我发现了问题，这是我的棘轮配置。 我换成

 $server = ioserver::factory(
            new HttpServer(
                new WsServer(
                    new Chat($this->containerInterface, $this->entityManager)
                )
            ),
            $this->params->get('chat.ws_port'),
            '127.0.0.1'
        );

通过

 $server = IoServer::factory(
            new HttpServer(
                new WsServer(
                    new Chat($this->containerInterface, $this->entityManager)
                )
            ),
            $this->params->get('chat.ws_port'),
            '0.0.0.0'
        );