I am trying to run a Node.js server (with socket.io) as a pub/sub server for my main app. I pushed it to the server and created a subdomain (with SSL). My client HTML page can load the socket.io/socket.io.js, but the WSS handshake dont work as expected:
WebSocket connection to
'wss://ws.example.com/socket.io/?EIO=3&transport=websocket&sid=ogEegJXhjFh5lplgAAAF'
failed: Error during WebSocket handshake: Unexpected response code: 502
I've got a SSL subdomain defined in my nginx like this:
server {
listen 80;
listen 443 default ssl;
server_name ws.example.com;
# ssl on;
ssl_certificate /etc/nginx/certificates/certificate-ws-example-com.crt;
ssl_certificate_key /etc/nginx/certificates/ws.example.com.key;
# Redirect all non-SSL traffic to SSL.
if ($ssl_protocol = "") {
rewrite ^ https://$host$request_uri? permanent;
}
location / {
proxy_pass http://localhost:6969;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection upgrade;
proxy_set_header Host $host;
access_log /var/log/nginx/example_production.access.log;
error_log /var/log/nginx/example_production.error.log;
}
}
And my Node.js (pm2) server responds me:
[error] 29726#0: *31 upstream prematurely closed connection
while reading response header from upstream,
client: 86.228.47.218,
server: ws.example.com,
request:
"GET /socket.io/?EIO=3&transport=websocket&sid=ogEegJXhjFh5lplgAAAF HTTP/1.1",
upstream:
"http://127.0.0.1:6969/socket.io/?EIO=3&transport=websocket&sid=ogEegJXhjFh5lplgAAAF",
host: "ws.example.com"
Related
I just installed Node.js application to dev environment. Configuration is :
Ubuntu 16.x
PHP 7.0
Node.js 8.x
Mysql
PhpMyAdmin
Nginx
My node app is using port 2000 and the subfolder name is nodeapp. Though phpmyadmin is opening properly, Node app is giving 502 Bad gateway.
Here is the nginx conf file :
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 2000;
root /home/pjsp/public_html;
index index.php index.html index.htm index.nginx-debian.html app.js;
server_name mydomain.com;
location /nodeapp {
proxy_pass http://localhost/nodeapp:2000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
Below is the error I am getting at /var/log/nginx/error.log file:
2018/06/02 13:13:15 [error] 32209#32209: *763 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 127.0.0.1, server: mydomain.com, request: "GET /nodeapp:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000
Please help!
Update:
New Config file:
server {
listen 80 default_server;
listen [::]:80 default_server;
#listen 2000;
root /home/pjsp/public_html;
index index.php index.html index.htm index.nginx-debian.html app.js;
server_name app.pajasa.com www.app.pajasa.com;
location /nodeapp {
proxy_pass http://localhost;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}
Now getting error :
2018/06/02 14:52:35 [alert] 3026#3026: *765 768 worker_connections are not enough while connecting to upstream, client: 127.0.0.1, server: app.pajasa.com, request: "GET /nodeapp:2000 HTTP/1.1", upstream: "http://127.0.0.1:80/nodeapp:2000", host: "www.app.pajasa.com"
url : www.app.pajasa.com/nodeapp:2000
You have an infinite loop inside your nginx. that's why you see:
/nodeapp:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000:2000....
If your Node app, is listening on port 2000, don't use listen 2000; on Nnginx.
And after you drop that, request to: http://localhost/nodeapp will be passed onto your node app.
Furthermore, your proxy_pass is incorrect, it should be:
proxy_pass http://localhost:2000;
UPDATE
Your URL is wrong
www.app.pajasa.com/nodeapp:2000 // INCORRECT
First of all as we already mention, if you're using Nginx to proxy to your Node.js APP, you don't have to add the port on the URL, secondly and more important is that isn't how ports work:
www.app.pajasa.com:2000 // This is correct
Drop :2000 from the URL, Nginx will proxy it to your node app.
www.app.pajasa.com/nodeapp
proxy_pass http://localhost:2000/nodeapp;
Your URL scheme is wrong, its always PROTO://DOMAIN:PORT/PATH
listen 2000;
Your nginx should not listen to the app port. In this case the nginx is calling it self recursively.
My website was running on port 80 (http) and I was using nginx without any problem. Below is default file that I was using in nginx
server {
listen 80;
server_name www.example.com;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
Now I am planning to use https and downloaded Lets encrypt certs.Currently I am not able to access the website. I am getting following error .
*[error] 754#754: 1 upstream prematurely closed connection while reading response header fro
m upstream, client: xxx.xx.xxx.xxx, server: example.com, request: "GET /favicon.ico HTTP/2.0", upstream: "h
ttp://127.0.0.1:3000/favicon.ico", host: "www.exapmple.com", referrer: "https://www.example.com/"
Below is my default file from nginx
# HTTP — redirect all traffic to HTTPS
server {
listen 80;
listen [::]:80 default_server ipv6only=on;
return 301 https://$host$request_uri;
}
server {
listen 443 default_server ssl;
listen [::]:443 ssl http2;
server_name example.com www.example.com;
# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
# intermediate configuration. tweak to your needs.
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
ssl_prefer_server_ciphers on;
# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000;
# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
My nodejs code is as follows
var app = express();
var port = 3000;
var server = https.createServer(app).listen(port, function() {
console.log("Application connected on port " + port);
});
and server is running at port 3000.
Thanks in advance.. J
This issue is resolved now. Problem was with nodejs code.
I changed above code to
var app = express();
var port = 3000;
var server = app.listen(port, function() {
console.log("Application connected on port " + port);
});
https.createserver calls the http.server() internally and creates the instance.
so by removing this, the error got resolved.
Thanks for help !!
this reason is because you request url has space, "h ttp://127.0.0.1:3000/favicon.ico",and node http server doesn't support url has uncoded space,so you may delete the space or use net server instead. wish to solve you problem
I'm running nginx for my node.js application on a AWS EC2 instance. I want to use websockets (socket.io) and normal http request/response. My problem is, whenever I have an active socket connection from my mobile device to the server and try to make a normal http request, the mobile device's socket.io error function is called with the message "502 Bad Gateway".
Only socket works. Only normal http request works as well.
I figured out, that this problem occurred after I setup nginx to use https only.
Here is my nginx config in /sites-enabled /sites-available:
server {
listen 80;
listen 443 ssl;
server_name example.com www.example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
if ($scheme != "https") {
rewrite ^ https://$host$request_uri? permanent;
}
location / {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
}
}
Nginx error log:
[error] 14117#14117: *50 upstream prematurely closed connection while reading response header from upstream, client: 78.94.9.226, server: example.com, request: "GET /socket.io/?transport=polling&b64=1&sid=rgXMQhL6mbSET8ktAAAA HTTP/1.1", upstream: "http://127.0.0.1:3000/socket.io/?transport=polling&b64=1&sid=rgXMQhL6mbSET8ktAAAA", host: "example.com"
iOS error log:
LOG SocketIOClient: Handling event: error with data: ["Got unknown error from server <html>\r\n<head><title>502 Bad Gateway</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>502 Bad Gateway</h1></center>\r\n<hr><center>nginx/1.10.3 (Ubuntu)</center>\r\n</body>\r\n</html>\r\n"]
If you need any more information, let me know!
I fixed the problem by myself. It was a really dumbass problem. I created a file inside my node.js server folder called access.log and told the morgan logger to write into the file. The thing I forgot was, that I'm using PM2 to restart the server whenever there is a change in code inside the server folder. So PM2 restarted the server every time I made a http request and the socket disconnected.
Change your nginx config into two blocks
server {
listen 80;
listen 443 ssl;
server_name example.com www.example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
if ($scheme != "https") {
rewrite ^ https://$host$request_uri? permanent;
}
location /socket.io {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
}
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
}
}
You want to only upgrade connection for socket.io and not other urls
Ive got a rpi2 running node.js with an app configured via .env on port 442. Nginx is configured to serve https with letsencrypt certificate. I tried the node app by itself on http and it responded fine. I tried the served index.html on https on nginx from my mac on the lan and it worked fine. The issue is now that Im trying to combine them.
Im test posting from hurl.it but getting a bad gateway error and the error log on nginx for the site says:
POST /API/switches/sw1?password=123456 HTTP/1.1", upstream:
"http://192.168.1.53:442/50x.html", host: "subdomain.domain.com"
2017/04/23 20:08:38 [error] 20424#0: *4 upstream prematurely closed
connection while reading response header from upstream, client:
192.168.1.56, server: subdomain.domain.com, request: "GET /aism/ HTTP/1.1", upstream: "http://192.168.1.53:442/aism/", host:
"subdomain.domain.com" 2017/04/23 20:08:38 [error] 20424#0: *4
upstream prematurely closed connection while reading response header
from upstream, client: 192.168.1.56, server: subdomain.domain.com,
request: "GET /aism/ HTTP/1.1", upstream:
"http://192.168.1.53:442/50x.html", host: "subdomain.domain.com"
2017/04/23 20:09:25 [error] 20467#0: *1 upstream prematurely closed
connection while reading response header from upstream, client:
23.20.198.108, server: subdomain.domain.com, request: "POST /API/switches/sw1?password=123456 HTTP/1.1", upstream:
"http://192.168.1.53:442/API/switches/sw1?password=123456", host:
"subdomain.domain.com"
Here is my site config:
#server {
# listen 80;
# listen [::]:80;
# server_name subdomain.domain.com;
# return 301 https://$server_name$request_uri;
#}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name subdomain.domain.com;
ssl_certificate /etc/letsencrypt/live/subdomain.domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/subdomain.domain.com/privkey.pem;
root /www/subdomain.domain.com/aism;
index index.php index.html index.htm;
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
# Error & Access logs
error_log /www/subdomain.domain.com/logs/error.log error;
access_log /www/subdomain.domain.com/logs/access.log;
location / {
index index.html index.php;
proxy_pass http://192.168.1.53:442;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location ~ /.well-known {
allow all;
}
location /public {
root /www/subdomain.domain.com/aism;
}
location ~ ^/(images/|img/|javascript/|js/|css/|stylesheets/|flash/|media/|static/) {
}
#location ~ [^/].php(/|$) {
# fastcgi_split_path_info ^(.+?.php)(/.*)$;
# fastcgi_pass unix:/var/run/php5-fpm.sock;
# fastcgi_index index.php;
# include fastcgi_params;
#}
}
What is wrong with my config file for the site?
I am making muy posts on hurl.it to my router's public ip:
https://routerIP/API/switches/sw1?password=123456
that gets routed to 192.168.1.53:443 by my router
which according to the config file gets proxied to 192.168.1.53:442
On landing.example.com:10000 have I a webserver that works fine, which is a Docker container that exposes port 10000. Its IP is 172.17.0.2.
What I would like is having a nginx reverse proxy on port 80, and send the visitor to different Docker containers depending on the URL they visit.
server {
listen 80;
server_name landing.example.com;
location / {
proxy_pass http://172.17.0.2:10000/;
}
access_log /landing-access.log;
error_log /landing-error.log info;
}
When I do this, I get 502 Bad Gateway and the log says
2016/04/14 16:58:16 [error] 413#413: *84 connect()
failed (111: Connection refused) while connecting to upstream, client:
xxx.xxx.xxx.xxx, server: landing.example.com, request: "GET / HTTP/1.1",
upstream: "http://172.17.0.2:10000/", host: "landing.example.com"
try this:
upstream my_server {
server 172.17.0.2:10000;
}
server {
listen 80;
server_name landing.example.com;
location / {
proxy_pass http://my_server;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto http;
proxy_redirect http:// $scheme://;
}
}
Here you define the upstream server (your server by IP or hostname)
and make sure to forward the headers too so the server answering knowns who to answer to.