2

i am running a nginx on my Debian 8.5 64bit which is used as reverse proxy for my node applications. Each request walks through my reverse proxy before getting routed to the special apps. Therefor i am using this config:

upstream socket_nodes {
  server 127.0.0.1:3000;
  server myUrl.com:3000;
  server MY.ROOTSERVER.IP.ADDRESS:3000;
}
server {
  listen 80 default_server;
  listen [::]:80 default_server;
  server_name myUrl.com;
  return 301 https://$server_name$request_uri;
}

server {
  # SSL configuration
  #
  listen 443 ssl default_server;
  listen [::]:443 ssl default_server;
  include snippets/ssl-my-website.com.conf;
  include snippets/ssl-params.conf; 

  # Self signed certs generated by the ssl-cert package
  # Don't use them in a production server!
  #
  # include snippets/snakeoil.conf;

  # Add index.php to the list if you are using PHP
  index index.html index.htm index.nginx-debian.html;

  server_name www.myWebsite.com;
  root /root/webserver/app/;
    location ~ /.well-known {
            allow all;
    }
  location / {
     proxy_pass http://localhost:8080;
         proxy_http_version 1.1;
         proxy_set_header Upgrade $http_upgrade;
         proxy_set_header Connection 'upgrade';
         proxy_set_header Host $host;
         proxy_cache_bypass $http_upgrade;
  }
    location /alexa-api/ {
     proxy_pass http://localhost:3000;
  }
  location /at_backend/ {
    proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_http_version 1.1;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $host;
        proxy_pass http://socket_nodes;
  }


  # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
  #
  #location ~ \.php$ {
  # include snippets/fastcgi-php.conf;
  #
  # # With php5-cgi alone:
  # fastcgi_pass 127.0.0.1:9000;
  # # With php5-fpm:
  # fastcgi_pass unix:/var/run/php5-fpm.sock;
  #}

  # deny access to .htaccess files, if Apache's document root
  # concurs with nginx's one
  #
  #location ~ /\.ht {
  # deny all;
  #}
}

Sadly this is not working. I can reach my website via https (https://www.myWebsite.com) and it works fine.

So i changed the endpoint of my alexa skill in the Amazon Developer Console to: https://www.myWebsite.com/alexa-api (with and without trailing /) but it is not working. The skill server itself worked when i used it locally and made it available via ngrok. What am i doing wrong here?

edit:

There is also a socket.io server running in the same app which can be accessed from the internet (the server loggs "new client connected") - but i can not emit any events between them. The HTTP Status Code of the socket.io connection is (correctly) 101 Switching Protocols.

Greetings

messerbill
  • 5,499
  • 1
  • 27
  • 38
  • Can you ping through from Nginx machine to alexa skill server – Larry.He Mar 22 '18 at 04:25
  • @Larry.He the nginx and the alexa skill server run on the same system. And a client which connects to the socket.io server (which is the same app) is logged – messerbill Mar 22 '18 at 08:17
  • Maybe you ignored `/alexa-api`, use `http://localhost:3000/alexa-api` to access the alexa skill server directly – Larry.He Mar 22 '18 at 09:05
  • @Larry.He are you talking about the `upstream socket_nodes` block? – messerbill Mar 22 '18 at 16:41
  • @Larry.He if i add `/alexa-api` to the socket_nodes it becomes "invalid" – messerbill Mar 22 '18 at 20:17
  • I mean you should make sure the backend server support the same API (include the path, such as '/alexa-api') as the location path. – Larry.He Mar 23 '18 at 01:38
  • @Larry.He sorry i am quite nooby with hosting....do you mean something like `app.use('/alexa-api/')`? – messerbill Mar 24 '18 at 14:27
  • what version of nginx is this? could also be related to nginx not keeping the socket open (though it doesn't seem likely since he didn't mention the client screaming about it) https://stackoverflow.com/questions/10550558/nginx-tcp-websockets-timeout-keepalive-config – Catalyst Mar 25 '18 at 03:44
  • @Catalyst `nginx/1.6.2` but the socket.io server does not log a disconnect (only if i reload the page, so i guess the connection itself is established). In the Chrome Developer Tools under "network" i see the Frames of the socket.io connection: Always `2 Probe` `3 Probe` `2` `3` `2` `3` `2`..... – messerbill Mar 26 '18 at 22:04
  • Try this solution https://stackoverflow.com/a/62187296/268598 – Umanda Jun 04 '20 at 05:18

1 Answers1

0

When you have a HTTPS you should also pass https scheme

proxy_pass https://socket_nodes;
Simon Novak
  • 36
  • 2