之前做的那个chrome插件的项目Sync Sofa,其实业务量很小但是必须要走443的端口,强行占了一台服务器!不能忍,无奈好几次Nginx反向代理都失败了,前两次累计花了七八个小时都没成功,在朋友的帮助下3小时手工!

感谢!她和她的猫

#配置 websocket

首先确保有golang的环境,如果没有:

1
yum install golang -y

安装客户端:

1
2
3
4
5
6
7
# 国内访问炒鸡慢,挂个代理
export GOPROXY=https://goproxy.io

go get github.com/LouisYLWang/Sync-Sofa/server
cd $GOPATH/src/github.com/LouisYLWang/Sync-Sofa/server
go install
cd $GOPATH/bin

创建一个config.json

1
vi config.json
1
2
3
4
{
  "addr": ":81",
  "runmode": "dev"
}

#配置 nginx

SSL的相关证书拷贝到 nginx 相关目录下:

1
2
mv sync.pem /etc/nginx/cert/
mv sync.key /etc/nginx/cert/
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
http {
	...
	map $http_upgrade $connection_upgrade {
		default upgrade;
		'' close;
	}


	upstream websocket {
		server 127.0.0.1:81;
	}

	upstream web{
		server 127.0.0.1:81;
	}
	...
	server {
		listen 443  default ssl;
		server_name sync-cn.onns.xyz;
		ssl_certificate /etc/nginx/cert/sync.pem;
		ssl_certificate_key /etc/nginx/cert/sync.key;
		ssl_session_timeout 5m;
		ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
		ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
		ssl_prefer_server_ciphers on;

		location / {
			proxy_set_header X-Real-IP $remote_addr;
			proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
			proxy_set_header Host  $http_host;
			proxy_set_header X-Nginx-Proxy true;
			proxy_set_header Connection "";
			proxy_pass http://web;
		}
		location /ws {
			proxy_pass http://websocket;
			proxy_http_version 1.1;
			proxy_set_header Upgrade $http_upgrade;
			proxy_set_header Connection $connection_upgrade;
			proxy_set_header Host $host;
			proxy_set_header X-Real-IP $remote_addr;
		}
	}
	...
}

主要可以参考一下 Nginx 的官方博客:NGINX as a WebSocket Proxy,但是也只是能参考。。里面给的命令都过期了,尤其是,node不要用yum装,各种旧版本。

#参考链接