说明
Websocket(简称ws)是一种双向通信协议,使用与HTTP协议相同的端口,并通过HTTP_Upgrade机制来进行握手建立连接。而使用HTTP协议的反向代理可能对Websocket不起作用,所以本教程主要介绍基于Caddy2、Nginx、Apache2的Websocket反向代理配置。
Caddy2
1 2 3 4 5 6
| xml.wiki { tls /root/cert/pem /root/cert/key #或由Caddy自动申请 reverse_proxy localhost:7890 #所有代理请求 reverse_proxy /xml/* localhost:7890 #/xml开头的请求代理 reverse_proxy /xml{http.request.uri.path} localhost:7890{http.request.uri.path} #保留原始请求路径的路由 }
|
Nginx
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
| server { listen 443 ssl; server_name xml.wiki; ssl_certificate /root/cert/pem; ssl_certificate_key /root/cert/key; ssl_session_timeout 5m;
location / { proxy_redirect off; proxy_pass http://127.0.0.1:7890; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
|
Apache2
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
| sudo a2enmod ssl rewrite proxy proxy_http proxy_wstunnel nano /etc/apache2/sites-available/000-default.conf
<IfModule mod_ssl.c> <VirtualHost *:443> ServerName xml.wiki SSLEngine on SSLCertificateFile /root/cert/pem SSLCertificateKeyFile /root/cert/key ProxyRequests off ProxyPreserveHost on RewriteEngine on <Proxy *> Order deny,allow Allow from all </Proxy> ProxyPass / http://localhost:7890/ ProxyPassReverse / http://localhost:7890/ RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC] RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC] RewriteRule .* ws://localhost:7890%{REQUEST_URI} [P] ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> </IfModule>
systemctl reload apache2
|