django-private-chat icon indicating copy to clipboard operation
django-private-chat copied to clipboard
verified publisher icon Bearle

Websockets configuration with nginx and SSL

Open MikVidal opened this issue 7 years ago • 3 comments

After adding the SSL certificates successfully, we are getting a timeout error on the browser. See here screenshot of the browser's log:

https://drive.google.com/file/d/1S3WiUlALcNfYEKo3SENMmga9ktDUaNgb/view?usp=sharing

Has anyone experienced anything similar? Please, let me know if you need more details of the set up.

See below our nginx configuration

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/casista.com-0001/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/casista.com-0001/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    upstream chatserver {
    server ec2-13-58-129-240.us-east-2.compute.amazonaws.com:8765;
    }

    client_max_body_size 4G;

    access_log /var/log/nginx/casista-access.log;
    error_log /var/log/nginx/casista-error.log;

    location = /favicon.ico { access_log off; log_not_found off; }

    location / {
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto https;
            proxy_set_header Host $host;
            proxy_redirect off;

            if (!-f $request_filename) {
                    proxy_pass http://unix:/home/ubuntu/mywasi-root/mywasi/mywasi.sock;
                    break;
            }

            # include proxy_params;

    location /ws {
            # proxy_pass http://ec2-13-58-129-240.us-east-2.compute.amazonaws.com:8765;
            proxy_pass http://chatserver;
            # proxy_pass http://localhost:8765;
            proxy_connect_timeout 7d;
            proxy_read_timeout 7d;
            proxy_send_timeout 7d;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";

    }

            auth_basic "Restricted content";
            auth_basic_user_file /etc/nginx/.htpasswd;
    }

    location /static/ {
            alias /home/ubuntu/mywasi-root/mywasi/staticfiles/;
            autoindex off;
    }

    location /media/ {
            alias /home/ubuntu/mywasi-root/mywasi/media/;
            autoindex off;
    }

@polrodoreda

MikVidal avatar Jun 11 '18 17:06 MikVidal

You seem to be using a 'wss' server? Have you modified run_chat_server to be secure (asking mostly since I'm interested in being able to do so)?

zsmith3 avatar Jul 12 '18 15:07 zsmith3

Hi @MikVidal Where did you configure to listen the chat server on a public address? Please suggest. Thank you?

patelrajnath avatar Dec 08 '18 11:12 patelrajnath

Hi @MikVidal, do you mind showing me how you were able to get this to work on AWS? it fails to connect when I try

ORC-1 avatar Aug 23 '19 11:08 ORC-1