IPv6 Functionality for WebSocket Proxy
This is a multipart message in MIME format. ------=_NextPart_000_02AD_01D01AA1.DD69F530 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit I just realized this morning that my noVNC connections were not working for IPv6 only on cloudspin.me For those who want to deploy dual stack functionality for ovirt-websocket-proxy here is a very simple and elegant fix. NGINX is a useful tool :) You will need nginx to proxy the connection between your IPv6 customers, and the IPv4 listening only websocket proxy(however that can be changed in /usr/share/ovirt-engine/services/ovirt-websocket-proxy/ovirt-websocket-proxy .conf but you can't have your cake and eat it too. one or the other ipv4 or ipv6) Anyways, here is the fix Install nginx on your websocket proxy server - Why Nginx, because I like it better than apache. The default config for Ovirt could be setup to do this with the web server that is already running :) just sayin For my configuration I am running the websocket proxy on a different host, but I imagine you could use this config in a full deployment and use websocket proxy on the engine host server { server_name web.cloudspin.me; # this is the hostname that you told the engine that the websocket proxy would be listening on #listen 6100; #Commented because I am using this for ipv6 only, but you could use nginx to proxy both and only open one port in the firewall listen [::]:6100 ssl; #NOTE this needs to listen on the same port you told the engine the websocket proxy would be listening on ssl_certificate /physical/path/to/ssl/cert; #I used the same cert that my websocket proxy is using ssl_certificate_key /physical/path/to/ssl/key; ssl on; ssl_session_cache builtin:1000 shared:SSL:10m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4; ssl_prefer_server_ciphers on; access_log /var/log/nginx/websocket.cloudspin.me-access.log; error_log /var/log/nginx/websocket.cloudspin.me-error.log; location / { proxy_pass https://ip_address_of_websocket_proxy:6100; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } Too easy to fix the many problems I have had getting websocket proxy to work. If you have a commerical cert and key, this would be a great place to put it, so your users don't have to bother with trusting your CA, it will just work Cheers and I hope this helps If anyone needs any help getting this to work give me a shout Donny D cloudspin.me ------=_NextPart_000_02AD_01D01AA1.DD69F530 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable <html xmlns:v=3D"urn:schemas-microsoft-com:vml" = xmlns:o=3D"urn:schemas-microsoft-com:office:office" = xmlns:w=3D"urn:schemas-microsoft-com:office:word" = xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" = xmlns=3D"http://www.w3.org/TR/REC-html40"><head><meta = http-equiv=3DContent-Type content=3D"text/html; = charset=3Dus-ascii"><meta name=3DGenerator content=3D"Microsoft Word 14 = (filtered medium)"><style><!-- /* Font Definitions */ @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} @font-face {font-family:"Lucida Console"; panose-1:2 11 6 9 4 5 4 2 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:11.0pt; font-family:"Calibri","sans-serif";} a:link, span.MsoHyperlink {mso-style-priority:99; color:blue; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {mso-style-priority:99; color:purple; text-decoration:underline;} span.EmailStyle17 {mso-style-type:personal-compose; font-family:"Calibri","sans-serif"; color:windowtext;} .MsoChpDefault {mso-style-type:export-only; font-family:"Calibri","sans-serif";} @page WordSection1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in;} div.WordSection1 {page:WordSection1;} --></style><!--[if gte mso 9]><xml> <o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" /> </xml><![endif]--><!--[if gte mso 9]><xml> <o:shapelayout v:ext=3D"edit"> <o:idmap v:ext=3D"edit" data=3D"1" /> </o:shapelayout></xml><![endif]--></head><body lang=3DEN-US link=3Dblue = vlink=3Dpurple><div class=3DWordSection1><p class=3DMsoNormal>I just = realized this morning that my noVNC connections were not working for = IPv6 only on cloudspin.me<o:p></o:p></p><p class=3DMsoNormal>For those = who want to deploy dual stack functionality for ovirt-websocket-proxy = here is a very simple and elegant fix. <o:p></o:p></p><p = class=3DMsoNormal><o:p> </o:p></p><p class=3DMsoNormal>NGINX is a = useful tool :)<o:p></o:p></p><p = class=3DMsoNormal><o:p> </o:p></p><p class=3DMsoNormal>You will = need nginx to proxy the connection between your IPv6 customers, and the = IPv4 listening only websocket proxy(however that can be changed in = /usr/share/ovirt-engine/services/ovirt-websocket-proxy/ovirt-websocket-pr= oxy.conf but you can't have your cake and eat it too… one or the = other ipv4 or ipv6)<o:p></o:p></p><p class=3DMsoNormal>Anyways, here is = the fix<o:p></o:p></p><p class=3DMsoNormal><o:p> </o:p></p><p = class=3DMsoNormal>Install nginx on your websocket proxy server - Why = Nginx, because I like it better than apache. The default config for = Ovirt could be setup to do this with the web server that is already = running :) just sayin<o:p></o:p></p><p class=3DMsoNormal>For my = configuration I am running the websocket proxy on a different host, but = I imagine you could use this config in a full deployment and use = websocket proxy on the engine host<o:p></o:p></p><p = class=3DMsoNormal><o:p> </o:p></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida Console"'>server = {<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> server_name = web.cloudspin.me; # this is the hostname that you told the engine that = the websocket proxy would be listening on<o:p></o:p></span></p><p = class=3DMsoNormal style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> #listen = 6100; &n= bsp; #Commented because I am using this for ipv6 only, but you could use = nginx to proxy both and only open one port in the = firewall<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> listen [::]:6100 = ssl; #NOTE this needs to listen on the same port = you told the engine the websocket proxy would be listening = on <o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> ssl_certificate= = /physical/path/to/ssl/cert; #I used the same cert that my websocket = proxy is using<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> = ssl_certificate_key = /physical/path/to/ssl/key;<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'><o:p> </o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> ssl = on;<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> = ssl_session_cache builtin:1000 = shared:SSL:10m;<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> ssl_protocols = TLSv1 TLSv1.1 TLSv1.2;<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> ssl_ciphers = HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;<o:p></o:p></spa= n></p><p class=3DMsoNormal style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida Console"'> = ssl_prefer_server_ciphers = on;<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'><o:p> </o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> access_log = /var/log/nginx/websocket.cloudspin.me-access.log;<o:p></o:p></span></p><p= class=3DMsoNormal style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> error_log = /var/log/nginx/websocket.cloudspin.me-error.log;<o:p></o:p></span></p><p = class=3DMsoNormal style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'><o:p> </o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> location / = {<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> &nb= sp; proxy_pass = https://ip_address_of_websocket_proxy:6100;<o:p></o:p></span></p><p = class=3DMsoNormal style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> = proxy_http_version 1.1;<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> = proxy_set_header Upgrade $http_upgrade;<o:p></o:p></span></p><p = class=3DMsoNormal style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> = proxy_set_header Connection "upgrade";<o:p></o:p></span></p><p = class=3DMsoNormal style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> &nb= sp; <o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> }<o:p></o:p></s= pan></p><p class=3DMsoNormal style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> }<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'><o:p> </o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'><o:p> </o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida Console"'>Too easy to fix = the many problems I have had getting websocket proxy to work. If you = have a commerical cert and key, this would be a great place to put it, = so your users don't have to bother with trusting your CA, it will just = work <o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'><o:p> </o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida Console"'>Cheers and I = hope this helps<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'><o:p> </o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida Console"'>If anyone needs = any help getting this to work give me a shout<o:p></o:p></span></p><p = class=3DMsoNormal style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'><o:p> </o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida Console"'>Donny = D<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'>cloudspin.me<o:p></o:p></span></p><p = class=3DMsoNormal><o:p> </o:p></p><p = class=3DMsoNormal><o:p> </o:p></p><p = class=3DMsoNormal><o:p> </o:p></p></div></body></html> ------=_NextPart_000_02AD_01D01AA1.DD69F530--
This is a multipart message in MIME format. ------=_NextPart_000_02C0_01D01AA2.54DA4840 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit I would also like to note that if nginx and websocket proxy are on the same machine you cannot have both nginx and websocket proxy listening on 6100. it would be best to change the websocket proxy listening port and then proxy both ipv4 and 6 with nginx :) From: users-bounces@ovirt.org [mailto:users-bounces@ovirt.org] On Behalf Of Donny Davis Sent: Thursday, December 18, 2014 9:06 AM To: users@ovirt.org Subject: [ovirt-users] IPv6 Functionality for WebSocket Proxy I just realized this morning that my noVNC connections were not working for IPv6 only on cloudspin.me For those who want to deploy dual stack functionality for ovirt-websocket-proxy here is a very simple and elegant fix. NGINX is a useful tool :) You will need nginx to proxy the connection between your IPv6 customers, and the IPv4 listening only websocket proxy(however that can be changed in /usr/share/ovirt-engine/services/ovirt-websocket-proxy/ovirt-websocket-proxy .conf but you can't have your cake and eat it too. one or the other ipv4 or ipv6) Anyways, here is the fix Install nginx on your websocket proxy server - Why Nginx, because I like it better than apache. The default config for Ovirt could be setup to do this with the web server that is already running :) just sayin For my configuration I am running the websocket proxy on a different host, but I imagine you could use this config in a full deployment and use websocket proxy on the engine host server { server_name web.cloudspin.me; # this is the hostname that you told the engine that the websocket proxy would be listening on #listen 6100; #Commented because I am using this for ipv6 only, but you could use nginx to proxy both and only open one port in the firewall listen [::]:6100 ssl; #NOTE this needs to listen on the same port you told the engine the websocket proxy would be listening on ssl_certificate /physical/path/to/ssl/cert; #I used the same cert that my websocket proxy is using ssl_certificate_key /physical/path/to/ssl/key; ssl on; ssl_session_cache builtin:1000 shared:SSL:10m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4; ssl_prefer_server_ciphers on; access_log /var/log/nginx/websocket.cloudspin.me-access.log; error_log /var/log/nginx/websocket.cloudspin.me-error.log; location / { proxy_pass https://ip_address_of_websocket_proxy:6100; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } } Too easy to fix the many problems I have had getting websocket proxy to work. If you have a commerical cert and key, this would be a great place to put it, so your users don't have to bother with trusting your CA, it will just work Cheers and I hope this helps If anyone needs any help getting this to work give me a shout Donny D cloudspin.me ------=_NextPart_000_02C0_01D01AA2.54DA4840 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable <html xmlns:v=3D"urn:schemas-microsoft-com:vml" = xmlns:o=3D"urn:schemas-microsoft-com:office:office" = xmlns:w=3D"urn:schemas-microsoft-com:office:word" = xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" = xmlns=3D"http://www.w3.org/TR/REC-html40"><head><META = HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; = charset=3Dus-ascii"><meta name=3DGenerator content=3D"Microsoft Word 14 = (filtered medium)"><style><!-- /* Font Definitions */ @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} @font-face {font-family:Tahoma; panose-1:2 11 6 4 3 5 4 4 2 4;} @font-face {font-family:"Lucida Console"; panose-1:2 11 6 9 4 5 4 2 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:11.0pt; font-family:"Calibri","sans-serif";} a:link, span.MsoHyperlink {mso-style-priority:99; color:blue; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {mso-style-priority:99; color:purple; text-decoration:underline;} span.EmailStyle17 {mso-style-type:personal; font-family:"Calibri","sans-serif"; color:windowtext;} span.EmailStyle18 {mso-style-type:personal-reply; font-family:"Calibri","sans-serif"; color:#1F497D;} .MsoChpDefault {mso-style-type:export-only; font-size:10.0pt;} @page WordSection1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in;} div.WordSection1 {page:WordSection1;} --></style><!--[if gte mso 9]><xml> <o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" /> </xml><![endif]--><!--[if gte mso 9]><xml> <o:shapelayout v:ext=3D"edit"> <o:idmap v:ext=3D"edit" data=3D"1" /> </o:shapelayout></xml><![endif]--></head><body lang=3DEN-US link=3Dblue = vlink=3Dpurple><div class=3DWordSection1><p class=3DMsoNormal><span = style=3D'color:#1F497D'>I would also like to note that if nginx and = websocket proxy are on the same machine you cannot have both nginx and = websocket proxy listening on 6100… it would be best to change the = websocket proxy listening port and then proxy both ipv4 and 6 with nginx = :)<o:p></o:p></span></p><p class=3DMsoNormal><span = style=3D'color:#1F497D'><o:p> </o:p></span></p><div><div = style=3D'border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in = 0in 0in'><p class=3DMsoNormal><b><span = style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span>= </b><span style=3D'font-size:10.0pt;font-family:"Tahoma","sans-serif"'> = users-bounces@ovirt.org [mailto:users-bounces@ovirt.org] <b>On Behalf Of = </b>Donny Davis<br><b>Sent:</b> Thursday, December 18, 2014 9:06 = AM<br><b>To:</b> users@ovirt.org<br><b>Subject:</b> [ovirt-users] IPv6 = Functionality for WebSocket Proxy<o:p></o:p></span></p></div></div><p = class=3DMsoNormal><o:p> </o:p></p><p class=3DMsoNormal>I just = realized this morning that my noVNC connections were not working for = IPv6 only on cloudspin.me<o:p></o:p></p><p class=3DMsoNormal>For those = who want to deploy dual stack functionality for ovirt-websocket-proxy = here is a very simple and elegant fix. <o:p></o:p></p><p = class=3DMsoNormal><o:p> </o:p></p><p class=3DMsoNormal>NGINX is a = useful tool :)<o:p></o:p></p><p = class=3DMsoNormal><o:p> </o:p></p><p class=3DMsoNormal>You will = need nginx to proxy the connection between your IPv6 customers, and the = IPv4 listening only websocket proxy(however that can be changed in = /usr/share/ovirt-engine/services/ovirt-websocket-proxy/ovirt-websocket-pr= oxy.conf but you can't have your cake and eat it too… one or the = other ipv4 or ipv6)<o:p></o:p></p><p class=3DMsoNormal>Anyways, here is = the fix<o:p></o:p></p><p class=3DMsoNormal><o:p> </o:p></p><p = class=3DMsoNormal>Install nginx on your websocket proxy server - Why = Nginx, because I like it better than apache. The default config for = Ovirt could be setup to do this with the web server that is already = running :) just sayin<o:p></o:p></p><p class=3DMsoNormal>For my = configuration I am running the websocket proxy on a different host, but = I imagine you could use this config in a full deployment and use = websocket proxy on the engine host<o:p></o:p></p><p = class=3DMsoNormal><o:p> </o:p></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida Console"'>server = {<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> server_name = web.cloudspin.me; # this is the hostname that you told the engine that = the websocket proxy would be listening on<o:p></o:p></span></p><p = class=3DMsoNormal style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> #listen = 6100; &n= bsp; #Commented because I am using this for ipv6 only, but you could use = nginx to proxy both and only open one port in the = firewall<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> listen [::]:6100 = ssl; #NOTE this needs to listen on the same port = you told the engine the websocket proxy would be listening = on <o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> ssl_certificate= = /physical/path/to/ssl/cert; #I used the same cert that my websocket = proxy is using<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> = ssl_certificate_key = /physical/path/to/ssl/key;<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'><o:p> </o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> ssl = on;<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> = ssl_session_cache builtin:1000 = shared:SSL:10m;<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> ssl_protocols = TLSv1 TLSv1.1 TLSv1.2;<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> ssl_ciphers = HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;<o:p></o:p></spa= n></p><p class=3DMsoNormal style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida Console"'> = ssl_prefer_server_ciphers = on;<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'><o:p> </o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> access_log = /var/log/nginx/websocket.cloudspin.me-access.log;<o:p></o:p></span></p><p= class=3DMsoNormal style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> error_log = /var/log/nginx/websocket.cloudspin.me-error.log;<o:p></o:p></span></p><p = class=3DMsoNormal style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'><o:p> </o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> location / = {<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> &nb= sp; proxy_pass <a = href=3D"https://ip_address_of_websocket_proxy:6100">https://ip_address_of= _websocket_proxy:6100</a>;<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> = proxy_http_version 1.1;<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> = proxy_set_header Upgrade $http_upgrade;<o:p></o:p></span></p><p = class=3DMsoNormal style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> = proxy_set_header Connection "upgrade";<o:p></o:p></span></p><p = class=3DMsoNormal style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> &nb= sp; <o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> }<o:p></o:p></s= pan></p><p class=3DMsoNormal style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'> }<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'><o:p> </o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'><o:p> </o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida Console"'>Too easy to fix = the many problems I have had getting websocket proxy to work. If you = have a commerical cert and key, this would be a great place to put it, = so your users don't have to bother with trusting your CA, it will just = work <o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'><o:p> </o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida Console"'>Cheers and I = hope this helps<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'><o:p> </o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida Console"'>If anyone needs = any help getting this to work give me a shout<o:p></o:p></span></p><p = class=3DMsoNormal style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'><o:p> </o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida Console"'>Donny = D<o:p></o:p></span></p><p class=3DMsoNormal = style=3D'text-autospace:none'><span = style=3D'font-size:10.0pt;font-family:"Lucida = Console"'>cloudspin.me<o:p></o:p></span></p><p = class=3DMsoNormal><o:p> </o:p></p><p = class=3DMsoNormal><o:p> </o:p></p><p = class=3DMsoNormal><o:p> </o:p></p></div></body></html> ------=_NextPart_000_02C0_01D01AA2.54DA4840--
participants (1)
-
Donny Davis