proxy now works with ssl as wss:// or ws://

Author: burggraf

packages/websockproxy/Dockerfile

@@ -21,7 +21,7 @@ RUN DEBIAN_FRONTEND="noninteractive" apt-get -y install tzdata
 RUN apt-get install -y nano && apt-get install -y nginx
 
 COPY nginx.conf /etc/nginx
-COPY default /etc/nginx/sites-enabled
+#COPY default /etc/nginx/sites-enabled ## moved this block to nginx.conf
 #EXPOSE 80
 
 CMD /opt/websockproxy/docker-startup.sh

packages/websockproxy/default

@@ -8,84 +8,49 @@ events {
 	# multi_accept on;
 }
 
-http {
-
-	##
-	# Basic Settings
-	##
-
-	sendfile on;
-	tcp_nopush on;
-	tcp_nodelay on;
-	keepalive_timeout 65;
-	types_hash_max_size 2048;
-	# server_tokens off;
-
-	# server_names_hash_bucket_size 64;
-	# server_name_in_redirect off;
-
-	include /etc/nginx/mime.types;
-	default_type application/octet-stream;
-
-	##
-	# SSL Settings
-	##
-
-	ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
-	ssl_prefer_server_ciphers on;
-
-	##
-	# Logging Settings
-	##
-
-	#access_log /var/log/nginx/access.log;
-	#error_log /var/log/nginx/error.log;
-
-	##
-	# Gzip Settings
-	##
+stream {
+       #access_log  /var/log/nginx/db.access.log;
+       #error_log  /var/log/nginx/db.error.log;
+       #include /etc/nginx/sites-enabled/default;
 
-	gzip on;
+        map $server_port $upstream {
+           "~(\d)(\d\d\d)$" 10.5.$1.$2:5432;
+        }
 
-	# gzip_vary on;
-	# gzip_proxied any;
-	# gzip_comp_level 6;
-	# gzip_buffers 16 8k;
-	# gzip_http_version 1.1;
-	# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+        server {
+           listen 6001-6254 so_keepalive=on;
 
-	##
-	# Virtual Host Configs
-	##
+           #allow <ip_address>;
+           #deny all;
 
-	include /etc/nginx/conf.d/*.conf;
-	#include /etc/nginx/sites-enabled/*;
+           proxy_connect_timeout 60s;
+           proxy_socket_keepalive on;
+           proxy_pass $upstream;
+        }
 }
 
-
-#mail {
-#	# See sample authentication script at:
-#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
-# 
-#	# auth_http localhost/auth.php;
-#	# pop3_capabilities "TOP" "USER";
-#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
-# 
-#	server {
-#		listen     localhost:110;
-#		protocol   pop3;
-#		proxy      on;
-#	}
-# 
-#	server {
-#		listen     localhost:143;
-#		protocol   imap;
-#		proxy      on;
-#	}
-#}
-stream {
-       #access_log  /var/log/nginx/db.access.log;
-       #error_log  /var/log/nginx/db.error.log;
-       include /etc/nginx/sites-enabled/default;
+http {
+  server {
+   listen 443 http2 ssl;
+   listen [::]:443 http2 ssl;
+
+   server_name proxy.azabab.com;
+   ssl_certificate  /root/fullchain.pem;
+   ssl_certificate_key  /root/privkey.pem;
+   ssl_prefer_server_ciphers on;
+
+   location / {
+        proxy_set_header        Host $host;
+        proxy_set_header        X-Real-IP $remote_addr;
+        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header        X-Forwarded-Proto $scheme;
+        
+	proxy_pass	http://localhost:80;
+	proxy_read_timeout   90;
+
+	proxy_http_version   1.1;
+	proxy_set_header     Upgrade $http_upgrade;
+	proxy_set_header     Connection "upgrade";	
+   }
+  }
 }
-